www.govinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Effective URL:
https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Submission: On July 29 via api (July 29th 2021, 4:27:50 pm UTC) from US

Summary HTTP 238 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 238 HTTP transactions. The main IP is 50.56.167.254, located in United States and belongs to RMH-14, US. The main domain is www.govinfosecurity.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 28th 2021. Valid for: a year.

This is the only time www.govinfosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
76	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.130.251.6 104.130.251.6	33070 (RMH-14) (RMH-14)
8	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	23.45.104.85 23.45.104.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	54.229.143.145 54.229.143.145	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2af::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
4	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
12	2600:9000:219... 2600:9000:2190:d200:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	54.198.5.108 54.198.5.108	14618 (AMAZON-AES) (AMAZON-AES)
20	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 3	13.224.96.52 13.224.96.52	16509 (AMAZON-02) (AMAZON-02)
4 6	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 2	34.255.110.255 34.255.110.255	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2 5	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	52.49.107.116 52.49.107.116	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	184.31.88.106 184.31.88.106	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
238	41

34 50.56.167.254 (United States) 1 redirects

ASN33070 (RMH-14, US)

www.govinfosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 2.18.233.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.130.251.6 (United States)

ASN33070 (RMH-14, US)

worker.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.104.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-85.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.143.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2af::3adf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2190:d200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.198.5.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-5-108.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.52 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-52.zrh50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.110.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-110-255.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.241 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.107.116 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
76	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	9 MB
34	govinfosecurity.com 1 redirects www.govinfosecurity.com	465 KB
27	googlesyndication.com f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	675 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	139 KB
13	disquscdn.com c.disquscdn.com a.disquscdn.com	519 KB
8	disqus.com bankinfosecurity.disqus.com disqus.com glitter.services.disqus.com referrer.disqus.com	58 KB
8	googletagservices.com www.googletagservices.com	276 KB
7	google.com 1 redirects adservice.google.com www.google.com fcmatch.google.com	2 KB
6	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
6	google-analytics.com www.google-analytics.com	20 KB
5	twimg.com pbs.twimg.com	16 KB
5	gstatic.com fonts.gstatic.com	72 KB
4	sitescout.com 1 redirects pixel.sitescout.com	3 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	rezync.com 2 redirects live.rezync.com	2 KB
3	ml314.com ml314.com in.ml314.com	14 KB
3	ensighten.com nexus.ensighten.com	10 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	565 B
2	tapad.com 1 redirects pixel.tapad.com	900 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	basis.net 1 redirects cdn01.basis.net pixel-a.basis.net	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	narrative.io 1 redirects io.narrative.io	810 B
2	marketo.net munchkin.marketo.net	6 KB
1	teads.tv sync.teads.tv	287 B
1	exelator.com loadm.exelator.com	324 B
1	youtube.com fcmatch.youtube.com
1	google.de adservice.google.de	853 B
1	addthisedge.com v1.addthisedge.com	325 B
1	bizographics.com sjs.bizographics.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	ismgcorp.com worker.ismgcorp.com	201 B
1	addthis.com s7.addthis.com	114 KB
1	googleapis.com fonts.googleapis.com	1 KB
238	36

	Domain	Requested by
34	www.govinfosecurity.com	1 redirects www.govinfosecurity.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
17	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.govinfosecurity.com
17	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.govinfosecurity.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.govinfosecurity.com
12	c.disquscdn.com	bankinfosecurity.disqus.com disqus.com c.disquscdn.com
11	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.govinfosecurity.com
8	www.googletagservices.com	www.govinfosecurity.com securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	www.google-analytics.com	www.govinfosecurity.com www.google-analytics.com
6	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.govinfosecurity.com
6	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.govinfosecurity.com
5	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	disqus.com	bankinfosecurity.disqus.com c.disquscdn.com
5	pbs.twimg.com	www.govinfosecurity.com
5	fonts.gstatic.com	fonts.googleapis.com
5	752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	www.govinfosecurity.com
4	pixel.sitescout.com	1 redirects www.govinfosecurity.com
4	idsync.rlcdn.com	2 redirects live.rezync.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.govinfosecurity.com
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.govinfosecurity.com
4	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.govinfosecurity.com
3	ib.adnxs.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	nexus.ensighten.com	www.govinfosecurity.com nexus.ensighten.com
2	bcp.crwdcntrl.net	1 redirects
2	pixel.tapad.com	1 redirects
2	dpm.demdex.net	1 redirects
2	p.rfihub.com	2 redirects
2	io.narrative.io	1 redirects www.govinfosecurity.com
2	ejp.rlcdn.com	2 redirects
2	px.ads.linkedin.com	2 redirects
2	ml314.com	www.govinfosecurity.com ml314.com
2	munchkin.marketo.net	www.govinfosecurity.com munchkin.marketo.net
2	f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	www.govinfosecurity.com
1	sync.teads.tv
1	loadm.exelator.com
1	pixel-a.basis.net	1 redirects
1	cdn01.basis.net	www.googletagmanager.com
1	fcmatch.youtube.com	c.disquscdn.com
1	fcmatch.google.com	1 redirects
1	referrer.disqus.com	www.govinfosecurity.com
1	glitter.services.disqus.com	c.disquscdn.com
1	a.disquscdn.com	www.govinfosecurity.com
1	in.ml314.com	ml314.com
1	f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	px4.ads.linkedin.com	www.govinfosecurity.com
1	www.linkedin.com	1 redirects
1	v1.addthisedge.com	s7.addthis.com
1	sjs.bizographics.com	www.govinfosecurity.com
1	bankinfosecurity.disqus.com	www.govinfosecurity.com
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	www.govinfosecurity.com
1	worker.ismgcorp.com	www.govinfosecurity.com
1	s7.addthis.com	www.govinfosecurity.com
1	fonts.googleapis.com	www.govinfosecurity.com
238	60

This site contains links to these domains. Also see Links.

Domain
www.bankinfosecurity.com
www.cuinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.com
www.careersinfosecurity.com
www.databreachtoday.com
www.devicesecurity.io
www.fraudtoday.io
www.paymentsecurity.io
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
covid19.inforisktoday.com
events.ismg.io
www.facebook.com
twitter.com
www.linkedin.com
blogs.blackberry.com
www.databreachtoday.in
t.co
www.bankinfosecurity.asia
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
ismg.io Go Daddy Secure Certificate Authority - G2	`2021-05-28` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
worker.ismgcorp.com Go Daddy Secure Certificate Authority - G2	`2021-02-12` - `2022-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2022-03-28`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn01.basis.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-14` - `2022-06-14`	a year	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
teads.tv R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Frame ID: 1846265D23699CC5F0C64409404F0C9A
Requests: 163 HTTP requests in this frame

Frame: https://f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8FD5B8441150DB7BF304F6D4A430337A
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
Frame ID: 4D73AD0BB3CE997D2ACAEBE812863377
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5H9ON5tiuvgxH9KP5QLdqefDxYx4b7Ap9KjxP9TiIUVcbR0lxmf9Z-IrDPgFQNYjwpc2KiMCzXBqxGVxFSqO7Z5eRq0XxSJBxDf6t_--J4CavN0Vcgm8Vsws8eiiAwDw9XKtbUt66sQCSb50C-FxIE9RkBQBLvkT2qh6P3F6pJ5DQv4G_EzT1zkSICrPiJWFzDN0xl_RJoDgptVZXykg_kaAJlXHhM1YHxaiPAjF7KiWoff6kCjIuWKa0iBgU8apxMLr1lT2pV1grMnEoTMEnBokyNsEtrS6VNukNGE8SgmrkiG_dRISZIu0vhAWvhw&sai=AMfl-YSVIqe0TmQSwvkZj7Mc_nCcrj6fMZTQVjmzKSL0vb4L8pqKrzDmytWke4lscmFN76kGETS3jJEz_rPQZ5McQOk3pUqNYPY7pOOozVaQG61uemWXSwqd_yFBgkw0_So&sig=Cg0ArKJSzMndC3901Qb_EAE&adurl=
Frame ID: 352D622F539DB0BD01DAEA02FC8FBCC1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIbzu2oQ4KKB_ipYAUQ2okSALuVDRoBzd5kPcofrIW5_J0nV64yKkIiu-l8Q5Skt8h8UEjDKxqLnlkSG9XX5g6MrN1_KZdslml7m50tYzqUkOd6tSxOMbHv3A_ShVdRuPpt4Zx_tS85PedQA4JcmTe-PN4uu18690JivZOd2ss1NQqimCQ8ktkZrSE7EDzrnMgcd5aE9iAOz_dEIdH1w_VqpxXmxXRDahhExe842kV4FB_tBV3si5Zi8SVH3tEs29ImfGefbLcW-Kbn8c41wondO-XYA0op4k2YyZeFNOYZgUzroSEBIIviBCI8UiYeAxzuzY&sai=AMfl-YS5Qzm64n6ijxMZNpToXXFzCl4Yjv0o-_2bQm_EwyhkGAJLUk84NLQBqdnP5sf35KE5UKAplXfFC_9x0mayRu45nX6zl5gdA9-XiBOts-hmQYJktXxVwPBsegIOuEM&sig=Cg0ArKJSzAweRICHc8BvEAE&adurl=
Frame ID: DBEE9E218FC143C1950671A19DD843A8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2LR23UWnMCHirCtgiI9LkBAw6ZLgf0wUipuuDosVIhm5g4lyojG79FRWrDxWGIAZECPpVoSAA2i50NiIu_gqORlExsh-KOs_sfrDazukq09YHwGRSZO1gqhXvb_HYAldi97nykT7ZVZ5Fg3iAkehrEtgR8BJj7DCXgpwd15F-UYSrSOguQuNjIeZxob9_gtKDeOnkqsa-zbsq8iOaBYioo9tKgr9DgFUXPmH3wWOVg6qmSymsU9M0omuaScYX1CXegy8jWzDg-eBLFsTwbhfxCC5IU-rxMBtl4_shaL6qT3m4X97NPtOOXUE-QxMWBYV3RwqP_Q&sai=AMfl-YTuizuAtDu231FOd05v5xA0APJVcucyMj3d08U_KKrDrKKMrMFeceTp9G5cYKRhkpAo6OGYlLmmzEPDaA9Rm8wUSQHN8BQBP9xvHEI-qi352eMBAgn1nS8IQmPX8Ps&sig=Cg0ArKJSzMAmp5QqJz2REAE&adurl=
Frame ID: EE5EAD3CCA18DD5BFAB3B30443F9757F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXeBdAjoNl6_YuuQm5sXnFqUuzwfNx7VIjfTVVl-s32UnUMT1EK2TzJk-unkLgYJFv3hKNEqGbg_w70XYwATkk2uLIbjVTnk7DJ6BkuSqRuWKZrXbpfx_VpNCFBUUnfTXl_7rf7wYv6OMxyx__pBw8v7ysmShmCES_1rkfn2ZHOjS0DZjzyF3_GZFJC0EYCD-WtoaG7P4hU53wKinGBeQCxPsadGm7sads-J__LG8e7VkMGKKKmx9Jw_Nsh-CHM_rZ97bVkoF_T3Y3qszQe2SKy9l-Z9rTjHQ9fpRKyHJgEFXoLJaprtar5WedYf3KRYJfCl4&sai=AMfl-YQ4QaEl1FkyhZ2ickQwctrVURWiHzsuQiAOKNRbnhyVEL4rDppZs0DJJXkKk0Dh9kCstVbK8uYg8KdQxCz06XBmGPPQ6Ftd8MaYQSOpsk6Ue8KeUJKIEnEj73g-7Aw&sig=Cg0ArKJSzJZUT0AVgsboEAE&adurl=
Frame ID: 82C4AB8AB383E5AC61A95FA514E6E07C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLMYr6fXlm2xZkgYNuEo01c3Vx3x1cSH9VQU2MrKQZEKsG-s6LXNgR6P_L2rBzS7UrRAgqBmATQSz2i6m8J9VlntAGp81yfo33PKam-Ogyr1TeAiT5dNh4QFNVRdB8j6uDiqkp6KRTmBWiTAu_dq2t5eDWyNp0i64IROJG6bEm9bk5la7Oe9K3DlBnSPP2f6waj5LZa9p-Qo_jijgDUm34b8AeeUOcNCL3unpvirn6p8GWdRyWNSLPcBSWEp62v6TLMaZSJKNKgQcxkkI-iv-OHLLIyT3Rj1Mxam22qNuPgmJWE5FiXSvY5kiquewxZIwAwg&sai=AMfl-YQ5_PX-h4apq_OQZZk9tIQSgGtqxsRaMS8JXF__PGuTSeBije4s5CP3oXdqTuCAQXaYkCodILKA2ZmrjE200-2yt6S-2nhYOsjyPx2U1FwNUui-y23fC5EpRbodB4Y&sig=Cg0ArKJSzB3siQrTAEBpEAE&adurl=
Frame ID: 0A9030242B32AC53C51428633941CD8A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTd-eBC7s42it556-JZZEg97HgPb3FbsAHec4kYVgs-UsgaP2PwTzSnolBjgDcl-bikcIgt5wy-gW1ASfK5hGnmsiG58jZww1Un0goPJc2Oe2cSSNucKcNiLHLLJkUNrvq_QZLEimIp42OPjpIAcHPRo6Eug4INy1NRmF_l3DjQchqfmU3wVrUMtjpNEda1Rg0nw0Dmxv-P2vivvd7ZcA5gC34yuYLsoVKTHdwhbbuCZJII9XlkBNfFgau8weMwShOyNqABrhCUsAAAPnpYqCtztEpM7X10xUHvKS2CDs3sTwIE8MeyJS_eU2kOeoJAzCQ&sai=AMfl-YTciYqxXWXwNR3f4mpHermU-K7tsEdZeB0m2JAJ_wymevC6WrA68Zfk7rc0oysfht0vD5f5dpR5SlPcfhLpMwnlfntrrWmw_AlIRtfkO-ZtkfE9VX_MfF43x4gMQpI&sig=Cg0ArKJSzKh4baZPiHVSEAE&adurl=
Frame ID: B429CA434CA96C304354B5A7423301F2
Requests: 9 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c70ba62f1cjc7n6&pctry=CH&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Frame ID: DC745EF62D9E79F7DB86DCE9E4042361
Requests: 3 HTTP requests in this frame

Frame: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ
Frame ID: 837C651C81FE3D5D9610AEB9327DAA52
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 354037B04B23D6526A6BE62BA5F35192
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6146FA03769CE19C8D26B02447C56C3D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 8379968BC5EEFF3ED6C1DEBD1FFB2E16
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142 HTTP 301
https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142 Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

script /\/tiny_?mce(?:\.min)?\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

AddThis (Widgets) Expand

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i
html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

238
Requests

100 %
HTTPS

39 %
IPv6

36
Domains

60
Subdomains

41
IPs

6
Countries

11426 kB
Transfer

18048 kB
Size

2
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankinfosecurity.com/
Title: BankInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.com/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/
Title: DataBreachToday

Search URL Search Domain Scan URL

URL: https://www.devicesecurity.io/
Title: DeviceSecurity

Search URL Search Domain Scan URL

URL: https://www.fraudtoday.io/
Title: FraudToday

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/
Title: PaymentSecurity

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://covid19.inforisktoday.com/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-cybersecurity-summit-fraud-and-payments-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-london-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-summit-brazil-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-toronto-2021/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-cybersecurity-summit-africa-2021/

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/govinfosec

Search URL Search Domain Scan URL

URL: http://twitter.com/ISMG_News

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-security-media-group-corp-ismg/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/virtual-cybersecurity-summit-fraud-and-payments-2021/?rf=trending
Title: Fraud & Payments Security Summit: Aug. 17-18

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142#disqus_thread

Search URL Search Domain Scan URL

URL: https://blogs.blackberry.com/en/2021/07/old-dogs-new-tricks-attackers-adopt-exotic-programming-languages
Title: BlackBerry

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/attackers-increasingly-using-cobalt-strike-a-16959
Title: Cobalt Strike

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/electrorat-malware-targets-cryptocurrency-wallets-a-15716
Title: ElectroRAT

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/how-ekans-ransomware-targets-industrial-control-systems-a-14561
Title: Ekans

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.com/how-mespinoza-ransomware-group-hits-targets-a-17086
Title: How Mespinoza Ransomware Group Hits Targets

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.in/espionage-campaign-using-updated-variant-bandook-spyware-a-17060
Title: Delphi

Search URL Search Domain Scan URL

URL: http://twitter.com/netsecu
Title: netsecu

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23cybersecurity
Title: #cybersecurity

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1420781192933220357
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/shah_sheikh
Title: shah_sheikh

Search URL Search Domain Scan URL

URL: https://t.co/3j2w0ywSIo
Title: https://t.co/3j2w0ywSIo

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1420781049018126337
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/dantechservices
Title: dantechservices

Search URL Search Domain Scan URL

URL: https://t.co/sTtu6UPPbX
Title: https://t.co/sTtu6UPPbX

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23ProtectTheClick
Title: #ProtectTheClick

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1420781048795828224
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/GetCalCISO
Title: GetCalCISO

Search URL Search Domain Scan URL

URL: https://t.co/Y4Gx3ANC3E
Title: https://t.co/Y4Gx3ANC3E

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1420781048502259714
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/HealthITsec
Title: HealthITsec

Search URL Search Domain Scan URL

URL: https://t.co/IVd3CQACil
Title: https://t.co/IVd3CQACil

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1420781046170152962
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/audit-technology-risk-management-principal-matrix-resources-deerfield-il-i-2131797
Title: IT Audit - Technology Risk Management Principal - MATRIX Resources - Deerfield, IL

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/quality-assurance-coordinator-fedex-logistics-memphis-tn-memphis-i-2131769
Title: Quality Assurance Coordinator - FedEx Logistics - Memphis, TN

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/senior-manager-data-risk-management-testing-monitoring-people-leader-i-2131798
Title: Senior Manager, Data Risk Management Testing & Monitoring (People Leader) - Charles Schwab - Westlake, TX

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/expert-analysis-battle-against-ransomware-i-4927
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/waging-war-on-cybercrime-big-data-ai-i-4938
Title:

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/interviews/telehealth-emerging-security-privacy-issues-i-4916
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/educating-training-future-cybersecurity-pros-i-4930
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/kaseya-ransomware-largest-attack-ive-witnessed-so-far-i-4926
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/alert-for-ransomware-attack-victims-heres-how-to-respond-i-4937
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/moving-forward-identity-centric-security-i-4928
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/interviews/overcoming-cyberthreat-intelligence-sharing-hurdles-i-4935
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-implications-pegasus-spyware-investigation-i-4936
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-changing-nature-ransomware-attacks-i-4934
Title:

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142 HTTP 301
https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1627576049721%26url%3Dhttps%253A%252F%252Fwww.govinfosecurity.com%252Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true&e_ipv6=AQJCSrs2gKL2GQAAAXrzF6bS01qBcZk0PFeKbPtxm12jxK-jjlEvrRUsS3piJm6Hsl4NJdTJ

Request Chain 217

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCPSti4gGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVWNLZHJuaGU1bHNUWTVtck5EUVYxRlUzYjJxRXFKRWFiU2l5REl6N2NKUQ==&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVWNLZHJuaGU1bHNUWTVtck5EUVYxRlUzYjJxRXFKRWFiU2l5REl6N2NKUQ==&google_cm=&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ

Request Chain 218

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142 HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=dfefc2b0-f089-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142

Request Chain 219

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=9101034011554319966 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=767353da-0340-4c02-ac48-f0d48f2c0ec2%3A1627576052.27&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc70ba62f1cjc7n6 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c70ba62f1cjc7n6 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9101034011554319966

Request Chain 220

https://p.rfihub.com/cm?pub=39342&in=1&userid=767353da-0340-4c02-ac48-f0d48f2c0ec2%3A1627576052.27&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316022003905597 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c70ba62f1cjc7n6 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECluy8K7MAHu0TIH3E01rDs&google_cver=1

Request Chain 225

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7 HTTP 302
https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1

Request Chain 237

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=

Request Chain 238

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348

Request Chain 241

https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348

238 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set attackers-rely-on-exotic-languages-for-malware-creation-a-17142 Show response
www.govinfosecurity.com/
Redirect Chain

http://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

368 KB
53 KB

692ms
255ms

Document
text/html

50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

79514142569a1d9b7625448a1a32c90aa95f468df252c3bbe69dce07a6e1294c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: www.govinfosecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:26 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; expires=Thu, 29-Jul-2021 20:27:26 GMT; Max-Age=14400; path=/; SameSite=None; Secure _advert=false; expires=Fri, 30-Jul-2021 16:27:26 GMT; Max-Age=86400; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 29 Jul 2021 16:27:26 GMT
Server: Apache
Location: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Content-Length: 303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery-ui.min.css
www.govinfosecurity.com/css-responsive/vendor/ 25 KB
5 KB 152ms
149ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/vendor/jquery-ui.min.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.govinfosecurity.com/css-responsive/vendor/ 11 KB
3 KB 300ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/vendor/mediaelementplayer-updated.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 20ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 14:27:27 GMT
server: ESF
date: Thu, 29 Jul 2021 16:27:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jul 2021 16:27:27 GMT

GET
H/1.1 200
OK main.css
www.govinfosecurity.com/css-responsive/ 231 KB
42 KB 452ms
157ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/main.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 43006

GET
H/1.1 200
OK prettyPhoto.css
www.govinfosecurity.com/css-responsive/ 21 KB
3 KB 444ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/prettyPhoto.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.govinfosecurity.com/css-responsive/vendor/ 8 KB
2 KB 445ms
148ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/vendor/bis-hdr.desktop.r2.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.govinfosecurity.com/css-responsive/vendor/ 9 KB
2 KB 449ms
149ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/vendor/bis-hdr.mobile.r2.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.govinfosecurity.com/css-responsive/vendor/ 22 KB
5 KB 449ms
149ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 91 KB
33 KB 484ms
167ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33094

GET
H/1.1 404
Not Found modernizr.js
www.govinfosecurity.com/javascripts-responsive/vendor/ 0
0 640ms
196ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 35 KB
9 KB 597ms
152ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/bootstrap.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 21 KB
7 KB 602ms
153ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.validate.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 154 KB
38 KB 604ms
155ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 38476

GET
H/1.1 200
OK tinymce.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 295 KB
101 KB 785ms
187ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/tinymce.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 766ms
164ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 2 KB
1 KB 785ms
167ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.placeholder.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 222 KB
60 KB 797ms
172ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery-ui.min.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.govinfosecurity.com/javascripts-responsive/vendor/ 9 KB
3 KB 848ms
159ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/crypt_des.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 152ms
47ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 29 Jul 2021 16:27:28 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/12567/ 28 KB
9 KB 115ms
44ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: feb6a4829cc0a55f2fed1d3aaceb83b52e6823f15c649c5ef1c14a7e86e4988b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:27 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 15:40:46 GMT
server: nginx
etag: W/"603d0afe-7076"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK headerlogo-gis.png
www.govinfosecurity.com/images-responsive/logos/ 4 KB
4 KB 151ms
149ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.govinfosecurity.com/images-responsive/logos/headerlogo-gis.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

76a852b386ea5b109659b7ab8cb868776964805cf395e277fce009fd95acf8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3685

GET
H/1.1 200
OK 9-ransomware-enablers-plus-tactics-for-combating-them-showcase_image-1-a-17172.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 63 KB
63 KB 229ms
79ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/9-ransomware-enablers-plus-tactics-for-combating-them-showcase_image-1-a-17172.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88a83e46f1ee21591f113b400d53776dfecf5fdae68cecedb55de80a06078c6f

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Thu, 29 Jul 2021 15:15:39 GMT
X-Trans-Id: txfc8da012383f4cdb8b301-006102d0f9dfw1
ETag: d465bdc1235a5aefae2a03333575a2a5
Content-Type: image/jpeg
X-Timestamp: 1627571738.78851
Cache-Control: public, max-age=84783
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64310
Expires: Fri, 30 Jul 2021 16:00:31 GMT

GET
H/1.1 200
OK israeli-government-visits-nso-group-amidst-spyware-claims-showcase_image-4-a-17170.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 38 KB
38 KB 245ms
81ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/israeli-government-visits-nso-group-amidst-spyware-claims-showcase_image-4-a-17170.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a94ec3c882740b5520aa5125fa321ca407e6124c700a90a41c8fec34ce56138

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Thu, 29 Jul 2021 02:41:18 GMT
X-Trans-Id: txf665f737502a4b6fa62a9-0061026501dfw1
ETag: bf1c08a2d84472bad209eb2618aed9d0
Content-Type: image/jpeg
X-Timestamp: 1627526477.56730
Cache-Control: public, max-age=57233
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38637
Expires: Fri, 30 Jul 2021 08:21:21 GMT

GET
H/1.1 200
OK biden-calls-for-critical-infrastructure-security-standards-showcase_image-6-a-17164.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 218 KB
219 KB 234ms
64ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/biden-calls-for-critical-infrastructure-security-standards-showcase_image-6-a-17164.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d21f1993edf096a3ce726f6ace4e754c9e864658cc32095c4d760d06c083ca61

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 28 Jul 2021 17:48:01 GMT
X-Trans-Id: tx6d8098aafdbe45aeb2b4c-0061019e63dfw1
ETag: 6b662dcd084cb427cb5ec6209a8e431b
Content-Type: image/jpeg
X-Timestamp: 1627494480.91523
Cache-Control: public, max-age=6353
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 223505
Expires: Thu, 29 Jul 2021 18:13:21 GMT

GET
H/1.1 200
OK revil-ransomware-operation-returning-as-blackmatter-showcase_image-6-a-17160.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 43 KB
44 KB 249ms
79ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/revil-ransomware-operation-returning-as-blackmatter-showcase_image-6-a-17160.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8f857b173fda432ba225c5360dcf9207495fc50a608d41b8977654fa66fc003

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 28 Jul 2021 09:57:43 GMT
X-Trans-Id: tx6d7dd45aedbe46c9b3350-0061012f72dfw1
ETag: a360da84add07c6a09fc3e0ae18069f8
Content-Type: image/jpeg
X-Timestamp: 1627466262.42575
Cache-Control: public, max-age=55893
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44161
Expires: Fri, 30 Jul 2021 07:59:01 GMT

GET
H/1.1 200
OK waging-war-on-cybercrime-big-data-ai-showcase_image-10-i-4938.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 51 KB
51 KB 221ms
72ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/waging-war-on-cybercrime-big-data-ai-showcase_image-10-i-4938.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8db7ba46b7b41448bc97004217237b7e89feba9f171f6617e8ea091f3968feaf

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 26 Jul 2021 19:22:01 GMT
X-Trans-Id: tx21da135433624728bfa73-0061015d03dfw1
ETag: 8105541e19f10a6364e9d5a8b5a878c7
Content-Type: image/jpeg
X-Timestamp: 1627327320.23286
Cache-Control: public, max-age=67890
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52081
Expires: Fri, 30 Jul 2021 11:18:58 GMT

GET
H/1.1 200
OK analysis-implications-spyware-investigation-showcase_image-10-i-4936.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 116 KB
117 KB 229ms
80ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-implications-spyware-investigation-showcase_image-10-i-4936.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e972dd2c1c5cac0aa072cab322c8e093faf062f9af19e045108b83ed34624652

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Thu, 22 Jul 2021 21:39:24 GMT
X-Trans-Id: txb0b4d844459449c2a7ac9-0060fa76f3dfw1
ETag: 3ad962524bfbc18a3502441e3efb1edb
Content-Type: image/jpeg
X-Timestamp: 1626989963.48977
Cache-Control: public, max-age=54408
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119178
Expires: Fri, 30 Jul 2021 07:34:16 GMT

GET
H/1.1 200
OK alert-for-ransomware-attack-victims-heres-how-to-respond-showcase_image-1-i-4937.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 63 KB
63 KB 209ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/alert-for-ransomware-attack-victims-heres-how-to-respond-showcase_image-1-i-4937.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8008e3fd85605a0c9134a124f1b189a3959d1276cad1078cdf71a3193add14e9

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 23 Jul 2021 12:00:27 GMT
X-Trans-Id: txac93841622774f3f87f70-0060fab62adfw1
ETag: 56b28f2ba8833825faf5bdebd5208b23
Content-Type: image/jpeg
X-Timestamp: 1627041626.48487
Cache-Control: public, max-age=52405
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64343
Expires: Fri, 30 Jul 2021 07:00:53 GMT

GET
H/1.1 200
OK analysis-changing-nature-ransomware-attacks-showcase_image-8-i-4934.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 87 KB
88 KB 228ms
69ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-changing-nature-ransomware-attacks-showcase_image-8-i-4934.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 897c7522965f4c1daf7181c1685acd97a69a8ff0bb049ce36ec52deeaee950a3

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Thu, 15 Jul 2021 15:25:11 GMT
X-Trans-Id: tx3f8852868db14c21800a3-0060f13586dfw1
ETag: 7d2883aff81566bf9d5566e0cf312e7d
Content-Type: image/jpeg
X-Timestamp: 1626362710.06495
Cache-Control: public, max-age=59819
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89400
Expires: Fri, 30 Jul 2021 09:04:27 GMT

GET
H/1.1 200
OK sase-building-migration-strategy-showcase_image-3-p-3073.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 144 KB
144 KB 200ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/sase-building-migration-strategy-showcase_image-3-p-3073.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c6b49792885495c59727f16e625684256915a9ff99153362b79bdd0876623cee

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Tue, 27 Jul 2021 01:46:54 GMT
X-Trans-Id: txaa08042d32e9439a9234e-0060ff6c90dfw1
ETag: f2df95a4300ae8a185e16f62a36eade1
Content-Type: image/jpeg
X-Timestamp: 1627350413.17559
Cache-Control: public, max-age=40536
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 146952
Expires: Fri, 30 Jul 2021 03:43:04 GMT

GET
H/1.1 200
OK ransomware-average-ransom-payment-drops-to-137000-showcase_image-9-p-3071.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 55 KB
55 KB 161ms
70ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ransomware-average-ransom-payment-drops-to-137000-showcase_image-9-p-3071.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 83d7caca28152596dd6372037924ed2932050e1b124671a8b17c8e9b0f4a495e

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 26 Jul 2021 12:25:23 GMT
X-Trans-Id: tx82e90365bc4540d4a2dfc-0060feb954dfw1
ETag: 83e09cb46ca0e95301dc2ebba9b6dafd
Content-Type: image/jpeg
X-Timestamp: 1627302322.10579
Cache-Control: public, max-age=55031
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56379
Expires: Fri, 30 Jul 2021 07:44:39 GMT

GET
H/1.1 200
OK has-revil-disbanded-white-house-says-doesnt-know-showcase_image-2-p-3070.jpeg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 68 KB
69 KB 125ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/has-revil-disbanded-white-house-says-doesnt-know-showcase_image-2-p-3070.jpeg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fbb1b698bdf6749ea3198bd81ab122eed3d21845c360d7058fa051ce38891318

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Thu, 22 Jul 2021 15:59:30 GMT
X-Trans-Id: txaa906ae59d5d4c47b5d3b-0060f99e72dfw1
ETag: 003910c71e9919d25173a2291cd3e964
Content-Type: image/jpeg
X-Timestamp: 1626969569.86299
Cache-Control: public, max-age=54999
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69939
Expires: Fri, 30 Jul 2021 07:44:07 GMT

GET
H/1.1 200
OK world-leaders-feature-on-alleged-spyware-targeting-list-showcase_image-8-p-3069.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 62 KB
63 KB 151ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/world-leaders-feature-on-alleged-spyware-targeting-list-showcase_image-8-p-3069.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dfe417d0a4b1572b16fdfe84bc72962bc26ab8121102e41e2b764887fe56ea8d

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 21 Jul 2021 17:00:59 GMT
X-Trans-Id: tx829263a9ae0b44d098902-0060f859b6dfw1
ETag: e7f2153a95271d16654d0916996aab51
Content-Type: image/jpeg
X-Timestamp: 1626886858.85204
Cache-Control: public, max-age=40539
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63875
Expires: Fri, 30 Jul 2021 03:43:07 GMT

GET
H/1.1 200
OK tips-for-recruiting-retaining-cybersecurity-staff-showcase_image-3-a-17163.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 70 KB
70 KB 60ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tips-for-recruiting-retaining-cybersecurity-staff-showcase_image-3-a-17163.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a36e0ed9c26784d3e77e5688b055d1419247e748b87bc6295afd51feaa16d354

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 28 Jul 2021 13:51:02 GMT
X-Trans-Id: txd79da400b8894ba1a31c3-006101776adfw1
ETag: 5138a71f1a9cad44d9d02f00b0e6dd42
Content-Type: image/jpeg
X-Timestamp: 1627480261.63843
Cache-Control: public, max-age=74282
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71265
Expires: Fri, 30 Jul 2021 13:05:30 GMT

GET
H/1.1 200
OK ismg-editors-panel-examining-pegasus-project-showcase_image-1-a-17131.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 117 KB
117 KB 71ms
69ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ismg-editors-panel-examining-pegasus-project-showcase_image-1-a-17131.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 389b6f6152fe56f3d23a71961348f6912562e810a6e1943fa0a41534cf22e51c

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 23 Jul 2021 13:35:05 GMT
X-Trans-Id: tx68a340a4605b48c28b8c2-0060fad115dfw1
ETag: 36cdd78cc92238f8e5d83bd58c25d552
Content-Type: image/jpeg
X-Timestamp: 1627047304.55677
Cache-Control: public, max-age=55414
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119748
Expires: Fri, 30 Jul 2021 07:51:02 GMT

GET
H/1.1 200
OK incident-response-persistence-vital-showcase_image-1-a-17115.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 45 KB
46 KB 63ms
62ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/incident-response-persistence-vital-showcase_image-1-a-17115.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a8ba536c913a797386c1d9243a9431d821639ef931ccf0ce344baf4edb7b8bfe

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 21 Jul 2021 15:14:00 GMT
X-Trans-Id: tx768e08d4b5f441ec8dae0-0060f845a5dfw1
ETag: c396f84bf933faa82a438742640d2a6c
Content-Type: image/jpeg
X-Timestamp: 1626880439.28397
Cache-Control: public, max-age=48829
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46430
Expires: Fri, 30 Jul 2021 06:01:17 GMT

GET
H/1.1 200
OK data-analytics-3-critical-questions-showcase_image-7-a-17103.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 60ms
56ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/data-analytics-3-critical-questions-showcase_image-7-a-17103.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fc14416973416fc7d956f3ff46d497eb028979aafc83c6acc11f6b2ef0741446

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Tue, 20 Jul 2021 02:32:04 GMT
X-Trans-Id: tx9911c4e948f249158ebbb-0060f6c7f3dfw1
ETag: 711539ae99ac097d0f440bbcc684f752
Content-Type: image/jpeg
X-Timestamp: 1626748323.94132
Cache-Control: public, max-age=46044
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91094
Expires: Fri, 30 Jul 2021 05:14:52 GMT

GET
H/1.1 200
OK live-webinar-kaseya-breach-what-you-do-about-supply-chain-attack-showcase_image-9-w-3359.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 100 KB
100 KB 190ms
71ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-kaseya-breach-what-you-do-about-supply-chain-attack-showcase_image-9-w-3359.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81fcc30623f9165f74d4f32b5aa2f382f14ef0d7e31273ce70037513dc6ea808

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 21 Jul 2021 02:48:19 GMT
X-Trans-Id: tx630731d381164fa2a9175-0060feedf4dfw1
ETag: 717261b432a7d2f36f15d21c5b2e91ef
Content-Type: image/jpeg
X-Timestamp: 1626835698.02906
Cache-Control: public, max-age=7291
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102066
Expires: Thu, 29 Jul 2021 18:28:59 GMT

GET
H/1.1 200
OK live-webinar-modern-application-development-java-showcase_image-3-w-3357.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 96 KB
96 KB 187ms
67ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-modern-application-development-java-showcase_image-3-w-3357.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97f75771c2315ddb861efbf1448276c7502a29832eacea69fc87fbcb40e46003

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 16 Jul 2021 17:12:02 GMT
X-Trans-Id: tx1875d555e3234aee89590-0060f8dcbadfw1
ETag: fcef1a759e45bcb78660de3b25ef7a9e
Content-Type: image/jpeg
X-Timestamp: 1626455521.35015
Cache-Control: public, max-age=44769
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98063
Expires: Fri, 30 Jul 2021 04:53:37 GMT

GET
H/1.1 200
OK live-webinar-improve-cloud-threat-detection-response-using-mitre-attck-framework-showcase_image-9-w-3356.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 181 KB
181 KB 187ms
67ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-improve-cloud-threat-detection-response-using-mitre-attck-framework-showcase_image-9-w-3356.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05cf16fa3a600d4f06e5a0738fa0c21c28726b5f989726e8afe1eee348a54d8d

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Tue, 20 Jul 2021 21:10:22 GMT
X-Trans-Id: txf0750a7d0afc40b0897dc-0060f74ddbdfw1
ETag: bebe5b54fbdf793742bcfe4b07041d70
Content-Type: image/jpeg
X-Timestamp: 1626815421.63166
Cache-Control: public, max-age=44779
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185212
Expires: Fri, 30 Jul 2021 04:53:47 GMT

GET
H/1.1 200
OK live-webinar-mitigating-email-risk-from-your-vendors-ciso-panel-webinar-showcase_image-3-w-3355.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 62 KB
63 KB 168ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-mitigating-email-risk-from-your-vendors-ciso-panel-webinar-showcase_image-3-w-3355.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 103f0c87f489a78f7f05f034d5f01557af884885357417d1626102966d017bf0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Wed, 14 Jul 2021 03:09:52 GMT
X-Trans-Id: tx3d2eeaf40c8f4f9e82808-0060f06260dfw1
ETag: 5ecc1c1868342063d77bd03216084da1
Content-Type: image/jpeg
X-Timestamp: 1626232191.95243
Cache-Control: public, max-age=40689
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63936
Expires: Fri, 30 Jul 2021 03:45:37 GMT

GET
H/1.1 200
OK managing-ongoing-complexity-multiple-state-level-data-privacy-laws-showcase_image-7-w-3330.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 91 KB
92 KB 176ms
69ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/managing-ongoing-complexity-multiple-state-level-data-privacy-laws-showcase_image-7-w-3330.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a8a0efd95056cd93e3e2b69a128c0cab77cfd732c3905d7b06c57bb10374dd7

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 18 Jun 2021 22:23:47 GMT
X-Trans-Id: tx52d6ade61352424997d61-0060ed4d64dfw1
ETag: 9acaee459dae953bd6a2a3b9320d607a
Content-Type: image/jpeg
X-Timestamp: 1624055026.22905
Cache-Control: public, max-age=43711
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93592
Expires: Fri, 30 Jul 2021 04:35:59 GMT

GET
H/1.1 200
OK jessica-corley-largeImage-4-a-1261.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 38 KB
39 KB 182ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/jessica-corley-largeImage-4-a-1261.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 615098ce6182b61506f5b1f56a90822fccff4ccf2127715074894ee4d9eb316c

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 01 May 2015 13:30:48 GMT
X-Trans-Id: txfe68a33993a14e6f93cd4-0060d93625dfw1
ETag: f5098346a6b7db5183314728f623e42a
Content-Type: image/jpeg
X-Timestamp: 1430487047.84794
Cache-Control: public, max-age=80349
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39350
Expires: Fri, 30 Jul 2021 14:46:37 GMT

GET
H/1.1 200
OK polly-ralph-largeImage-8-a-2124.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 101 KB
101 KB 189ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/polly-ralph-largeImage-8-a-2124.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 941e0d685396a4d3aaa9fc1dfa0ae69f6e72fda2cd37f22b227c02b99eb9ca08

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 30 Sep 2019 15:30:51 GMT
X-Trans-Id: tx1de4251bc73a43e983455-0060e19ddddfw1
ETag: 3fab53b6751f624cbb5b33bd9b3665cb
Content-Type: image/jpeg
X-Timestamp: 1569857450.70796
Cache-Control: public, max-age=57593
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103498
Expires: Fri, 30 Jul 2021 08:27:21 GMT

GET
H/1.1 200
OK andrew-case-largeImage-9-a-1224.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 32 KB
33 KB 189ms
79ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/andrew-case-largeImage-9-a-1224.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65073abdf7f60ea3781b2fa83a71f67fe9a62ea3dd46e2d61383496243fbc43b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Tue, 17 Mar 2015 18:48:46 GMT
X-Trans-Id: tx3edf3de3ebe44c3f8d51d-0060fa80a6dfw1
ETag: b5a08c4f74b87abd9a310804b81b741d
Content-Type: image/jpeg
X-Timestamp: 1426618125.34775
Cache-Control: public, max-age=86227
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33186
Expires: Fri, 30 Jul 2021 16:24:35 GMT

GET
H/1.1 200
OK peter-chronis-largeImage-8-a-1223.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 26 KB
26 KB 167ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/peter-chronis-largeImage-8-a-1223.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9d1a2acf40b9ec510c473f9a067237815e6174df3aef2bfb4a7c120ab39eb0e

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 16 Mar 2015 21:08:00 GMT
X-Trans-Id: tx5348d158a00e4dfcb3605-0060db4a52dfw1
ETag: cde898d3d7af4ecb2cfad227d82807f9
Content-Type: image/jpeg
X-Timestamp: 1426540079.22040
Cache-Control: public, max-age=61451
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26137
Expires: Fri, 30 Jul 2021 09:31:39 GMT

GET
H/1.1 200
OK what-elite-threat-hunters-see-that-others-miss-pdf-7-w-8544.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 242 KB
242 KB 246ms
67ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/what-elite-threat-hunters-see-that-others-miss-pdf-7-w-8544.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ccdbd448e726da8ccc935db4bcb95d904f8d1dcaa23d63475fd4bba5249c68e

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 19:08:03 GMT
X-Trans-Id: tx8f28f24b8126462bbbf4b-0061000ed4dfw1
ETag: 8ccf3e0729b68e0feda64eb78d49a86b
Content-Type: image/jpeg
X-Timestamp: 1627326482.57179
Cache-Control: public, max-age=59886
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 247617
Expires: Fri, 30 Jul 2021 09:05:35 GMT

GET
H/1.1 200
OK case-study-leading-financial-institutions-pdf-6-w-8545.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 262 KB
263 KB 189ms
72ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/case-study-leading-financial-institutions-pdf-6-w-8545.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59b3977909a7c2bcc00e8a0d0a57eb71df8b242e9d00c73de601b0adee1b7759

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 19:20:39 GMT
X-Trans-Id: tx41563c08e66445509614f-0061000ee3dfw1
ETag: d939d9ef90e5738887d6859bedabbcc4
Content-Type: image/jpeg
X-Timestamp: 1627327238.13169
Cache-Control: public, max-age=59916
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 268416
Expires: Fri, 30 Jul 2021 09:06:05 GMT

GET
H/1.1 200
OK upgrade-your-native-microsoft-365-email-protection-logo-10-w-8546.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 46 KB
46 KB 207ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/upgrade-your-native-microsoft-365-email-protection-logo-10-w-8546.JPG
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: affea135f6c0618a9056dd8976cf881522a5967cec71184adecc74299e76a6d9

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 21:39:33 GMT
X-Trans-Id: txf3c0834aca0a4be4aa898-0060ff2e04dfw1
ETag: c8f80a0ed63b7468215fac6c241ac33a
Content-Type: image/jpeg
X-Timestamp: 1627335572.53622
Cache-Control: public, max-age=16605
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46895
Expires: Thu, 29 Jul 2021 21:04:14 GMT

GET
H/1.1 200
OK driving-immediate-value-cloud-siem-pdf-6-w-8536.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 236 KB
236 KB 212ms
48ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/driving-immediate-value-cloud-siem-pdf-6-w-8536.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1383f61e2a1adaa70a05a930807cd1011ff1f27995d349568d7e929a7dfc1d25

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 05:57:50 GMT
X-Trans-Id: tx4da38cedc4ca49879b67f-0060fe50c2dfw1
ETag: cbf4ff1ffada5a433e87fe06d8b2ab75
Content-Type: image/jpeg
X-Timestamp: 1627279069.01340
Cache-Control: public, max-age=40676
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 241616
Expires: Fri, 30 Jul 2021 03:45:25 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 192ms
62ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
X-Trans-Id: tx3f2c2399ab6d42cba3b4b-00605ccba9dfw1
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=15903
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366322
Expires: Thu, 29 Jul 2021 20:52:32 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 196ms
66ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
X-Trans-Id: tx529fbe8bd614429184765-00605cc59bdfw1
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=16606
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78320
Expires: Thu, 29 Jul 2021 21:04:15 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 199ms
70ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
X-Trans-Id: tx61c71f812a9c4bae867a2-00605cc93edfw1
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=53226
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202154
Expires: Fri, 30 Jul 2021 07:14:35 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 183ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
X-Trans-Id: tx9d4215489ef340ce9f0f0-00605cc93edfw1
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=17606
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89481
Expires: Thu, 29 Jul 2021 21:20:55 GMT

GET
H/1.1 200
OK 2021-cybersecurity-complexity-study-showcase_image-9-s-89.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 105 KB
105 KB 207ms
72ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/2021-cybersecurity-complexity-study-showcase_image-9-s-89.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d51200edbbab41dcb94dc000f55bb92d8c61e7b36cd7af374a3842e1ca1c4c5b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 22 Jun 2021 14:17:42 GMT
X-Trans-Id: txa022b39f936643bbbc191-0060d1f90adfw1
ETag: 9e16160217ef94431d88dd3ae3570b37
Content-Type: image/jpeg
X-Timestamp: 1624371461.43195
Cache-Control: public, max-age=59891
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107366
Expires: Fri, 30 Jul 2021 09:05:40 GMT

GET
H/1.1 200
OK fraud-transformation-detecting-preventing-emerging-schemes-showcase_image-2-s-88.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 468 KB
468 KB 167ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/fraud-transformation-detecting-preventing-emerging-schemes-showcase_image-2-s-88.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 126d16a8991aa8d1ed69b13e49f309951d6d6a85d6fb1b9d5692a4c3dfda17e1

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 14 Jun 2021 16:49:56 GMT
X-Trans-Id: tx3a5da4dacf7a47d795247-0060df3852dfw1
ETag: a56ff7c07a8112f1323946eaf5e036a0
Content-Type: image/jpeg
X-Timestamp: 1623689395.48442
Cache-Control: public, max-age=51603
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 479250
Expires: Fri, 30 Jul 2021 06:47:32 GMT

GET
H/1.1 200
OK 2021-faces-fraud-survey-showcase_image-6-s-87.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 114 KB
114 KB 107ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/2021-faces-fraud-survey-showcase_image-6-s-87.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 523f5196a2aff08aed1204bb2a4d3a8705dad3bae87e964d89464d827b715b30

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 17 Mar 2021 00:22:26 GMT
X-Trans-Id: txca33eeeb59094514b692b-0060628ba9dfw1
ETag: 3d202b18b60d66aee6402e6b01914bb4
Content-Type: image/jpeg
X-Timestamp: 1615940545.53744
Cache-Control: public, max-age=54981
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116534
Expires: Fri, 30 Jul 2021 07:43:50 GMT

GET
H/1.1 200
OK securing-mission-critical-mobile-banking-application-channel-showcase_image-2-s-86.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 431 KB
431 KB 139ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-mission-critical-mobile-banking-application-channel-showcase_image-2-s-86.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8df7dd0e3baca655de170f3eebe91162e317583ae37a0ba7036743f3d8809f8

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 05 Feb 2021 22:48:51 GMT
X-Trans-Id: txde12eb0c023f4c3897613-00605ba62cdfw1
ETag: b53909ce444679e1622042864ba57f84
Content-Type: image/jpeg
X-Timestamp: 1612565330.16326
Cache-Control: public, max-age=52745
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 441137
Expires: Fri, 30 Jul 2021 07:06:34 GMT

GET
H/1.1 200
OK how-iam-empowers-business-to-securely-work-from-anywhere-logo-6-w-8541.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 40 KB
41 KB 55ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/how-iam-empowers-business-to-securely-work-from-anywhere-logo-6-w-8541.JPG
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06d32bacb149a5f695cdf265c8600ec7bd7ef806e74dc12858b9e9a40d3bc397

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 15:17:58 GMT
X-Trans-Id: tx60da56879ad149c084614-00610161cadfw1
ETag: c497a8797daa5b878011cee58d45dd89
Content-Type: image/jpeg
X-Timestamp: 1627312677.79979
Cache-Control: public, max-age=69016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41194
Expires: Fri, 30 Jul 2021 11:37:45 GMT

GET
H/1.1 200
OK forrester-total-economic-impact-white-paper-pdf-1-w-8543.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 133 KB
133 KB 47ms
46ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/forrester-total-economic-impact-white-paper-pdf-1-w-8543.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ac4755b23fca19625a9eb941fd5a704abb72d194bd442e838606237a7bf4285

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 26 Jul 2021 18:59:31 GMT
X-Trans-Id: txe9b4dd0d6e24413894f48-0061000ec9dfw1
ETag: 8940673057d15619469557a678f4f9a7
Content-Type: image/jpeg
X-Timestamp: 1627325970.01682
Cache-Control: public, max-age=59918
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135788
Expires: Fri, 30 Jul 2021 09:06:07 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-fraud-payments-security-showcase_image-7-e-344.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 69 KB
69 KB 189ms
66ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-fraud-payments-security-showcase_image-7-e-344.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 172dc1853d10592cdf7933b278509cda2dbff7882358f74b897e7ede7f5f79b8

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 11 Jan 2021 16:10:55 GMT
X-Trans-Id: tx916808639fbf4df0a3981-00605d19e2dfw1
ETag: 8479793cf075f2857118157509cb2758
Content-Type: image/jpeg
X-Timestamp: 1610381454.76520
Cache-Control: public, max-age=41966
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70165
Expires: Fri, 30 Jul 2021 04:06:55 GMT

GET
H/1.1 200
OK cybersecurity-fraud-summit-london-showcase_image-5-e-345.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 56 KB
57 KB 191ms
70ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/cybersecurity-fraud-summit-london-showcase_image-5-e-345.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d746f76a0030d3a8f2159934f173eb66433e91bec4507a90d01b1e24d9db562

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 11 Jan 2021 16:14:53 GMT
X-Trans-Id: tx245b37721e8349a1824fa-006074c720dfw1
ETag: da2f7067e45b93173c7c134a94ffdac8
Content-Type: image/jpeg
X-Timestamp: 1610381692.16651
Cache-Control: public, max-age=42037
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57520
Expires: Fri, 30 Jul 2021 04:08:06 GMT

GET
H/1.1 200
OK cybersecurity-summit-brazil-showcase_image-3-e-343.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 52 KB
52 KB 182ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/cybersecurity-summit-brazil-showcase_image-3-e-343.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 75948ae6925f81864df2fe98620ba764c91b536e177e6efe810550966f9706c0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 11 Jan 2021 16:07:35 GMT
X-Trans-Id: txa08b730d30124609b914d-006081238edfw1
ETag: 4259e7523f11cd058f72fb5be5fcbf45
Content-Type: image/jpeg
X-Timestamp: 1610381254.50843
Cache-Control: public, max-age=43703
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53326
Expires: Fri, 30 Jul 2021 04:35:52 GMT

GET
H/1.1 200
OK cybersecurity-fraud-summit-toronto-showcase_image-7-e-346.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 50 KB
51 KB 175ms
69ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/cybersecurity-fraud-summit-toronto-showcase_image-7-e-346.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eed95b442a60d4bae7404822c2b83e25a5f10f9d0d2d05281577e16b7ec317fd

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 11 Jan 2021 16:20:30 GMT
X-Trans-Id: tx1b5e33ac061a41e387353-0060bef65ddfw1
ETag: 8f1961aad5acb7448c39c757c72a6be1
Content-Type: image/jpeg
X-Timestamp: 1610382029.73112
Cache-Control: public, max-age=48511
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51326
Expires: Fri, 30 Jul 2021 05:56:00 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-africa-showcase_image-9-e-347.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 63 KB
63 KB 246ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-africa-showcase_image-9-e-347.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19f9682f95350f5a9f44af621ad8e643e3dc6e5caac267f897c391709563f9b6

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 11 Jan 2021 16:22:34 GMT
X-Trans-Id: tx9eaab7d83c4e411fb285e-0060d16370dfw1
ETag: 79d6a6f6c687fa58579934489170ad3e
Content-Type: image/jpeg
X-Timestamp: 1610382153.90992
Cache-Control: public, max-age=43707
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64130
Expires: Fri, 30 Jul 2021 04:35:56 GMT

GET
H/1.1 200
OK empty_menu_image.png
www.govinfosecurity.com/images/navigation/generic/ 5 KB
4 KB 150ms
149ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.govinfosecurity.com/images/navigation/generic/empty_menu_image.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: visitorip=217.138.203.164; __atuvc=1%7C30; __atuvs=6102d6f02574966d000; PHPSESSID=6k7jks6eo5mv10dedhelda5m6e
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 3692

GET
H/1.1 200
OK best-virtual-rsa-conference-2021-showcase_image-2-a-16877.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 246 KB
247 KB 57ms
56ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-virtual-rsa-conference-2021-showcase_image-2-a-16877.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4e038124df0c30dc173fff44912f119f3318f93197f082bb98cddacd2e1e2e00

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 15 Jun 2021 17:19:03 GMT
X-Trans-Id: tx7163510291484184b47ad-0060c8f7a2dfw1
ETag: 6fe1bde30830126d3e1d1361cfb2b773
Content-Type: image/jpeg
X-Timestamp: 1623777542.69955
Cache-Control: public, max-age=40613
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 252213
Expires: Fri, 30 Jul 2021 03:44:22 GMT

GET
H/1.1 200
OK eyes-wide-open-visibility-in-digital-risk-protection-showcase_image-9-a-16745.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 67 KB
68 KB 62ms
61ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/eyes-wide-open-visibility-in-digital-risk-protection-showcase_image-9-a-16745.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bee57e2de6644c6b1d78c450389bfbaa4de968bb942ee7fb48b7df2d39b41e5

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 26 May 2021 18:10:50 GMT
X-Trans-Id: tx08295b47b3a74922b06f7-0060af94f1dfw1
ETag: 51534089f4373df509551a14f5d8857d
Content-Type: image/jpeg
X-Timestamp: 1622052649.32488
Cache-Control: public, max-age=40546
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68761
Expires: Fri, 30 Jul 2021 03:43:15 GMT

GET
H/1.1 200
OK ismgs-editors-panel-improving-hiring-practices-more-showcase_image-3-a-16715.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 135 KB
135 KB 60ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ismgs-editors-panel-improving-hiring-practices-more-showcase_image-3-a-16715.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c47f11b814fc6f1e7dce6f7d94333aacc647cef2b6eaedeb273ca3a0fc662643

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 21 May 2021 13:07:17 GMT
X-Trans-Id: txce291c172ce54cb7b1d63-0060a7b5c6dfw1
ETag: a942ad0afe7c52c648629385844ba71f
Content-Type: image/jpeg
X-Timestamp: 1621602436.45046
Cache-Control: public, max-age=59932
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138089
Expires: Fri, 30 Jul 2021 09:06:21 GMT

GET
H/1.1 200
OK data-risk-governance-bisos-perspective-showcase_image-5-a-16714.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 46 KB
47 KB 59ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/data-risk-governance-bisos-perspective-showcase_image-5-a-16714.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cbe43dc55d5f2ba122c9491e0fde758d380da483ba3381f30575263381b00347

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 21 May 2021 11:59:40 GMT
X-Trans-Id: txd9dfcbae69c84ca590a29-0060d2aab3dfw1
ETag: 791ac76d08dc36eef6245528a6080af2
Content-Type: image/jpeg
X-Timestamp: 1621598379.80691
Cache-Control: public, max-age=58545
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47458
Expires: Fri, 30 Jul 2021 08:43:14 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 50ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
X-Trans-Id: tx02bfa77783654d38ad8e9-006033d15bdfw1
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=40572
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61807
Expires: Fri, 30 Jul 2021 03:43:41 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 66ms
65ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
X-Trans-Id: tx780eb42c426f415ca59d8-00605cd0addfw1
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=40609
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63007
Expires: Fri, 30 Jul 2021 03:44:18 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 59ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
X-Trans-Id: tx5993f37ecbce42fa89e1b-006033d7acdfw1
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=40600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54026
Expires: Fri, 30 Jul 2021 03:44:09 GMT

GET
H/1.1 200
OK risk-resilience-finding-right-balance-showcase_image-5-i-4361.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 64 KB
65 KB 53ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/risk-resilience-finding-right-balance-showcase_image-5-i-4361.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6223b2c109c05820bf8c234dfa1b60e799a424c28480f455b965e10d3b1d8927

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 24 Jun 2019 17:07:51 GMT
X-Trans-Id: tx2eff020d216c484885758-0060d01d12dfw1
ETag: 7762f568fb60ddb2fe5fae624e206784
Content-Type: image/jpeg
X-Timestamp: 1561396070.41600
Cache-Control: public, max-age=64988
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65929
Expires: Fri, 30 Jul 2021 10:30:37 GMT

GET
H/1.1 200
OK attackers-rely-on-exotic-languages-for-malware-creation-showcase_image-4-a-17142.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 93 KB
93 KB 58ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/attackers-rely-on-exotic-languages-for-malware-creation-showcase_image-4-a-17142.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd247b49b92229fab7ace2c4e8922898b864cb40afb9f7a9ced373cbcaa2d2db

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 26 Jul 2021 17:37:12 GMT
X-Trans-Id: txf10358ffa9a44760abe0a-0060fef4fddfw1
ETag: 20f9e55b347d489b361cdc4c7bc76045
Content-Type: image/jpeg
X-Timestamp: 1627321031.31412
Cache-Control: public, max-age=78289
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95191
Expires: Fri, 30 Jul 2021 14:12:17 GMT

GET
H/1.1 200
OK rashmi-ramesh-largeImage-6-a-4224.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 47 KB
47 KB 51ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/rashmi-ramesh-largeImage-6-a-4224.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 82278cf6922511881fe499fa75dbb036ee171da12bc061b1c5498f03f14d341b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 04 Jun 2021 14:15:05 GMT
X-Trans-Id: tx39c3655d21bf4d8381bf8-0060f29a67dfw1
ETag: cfc7e3c8029c022d10bf897b7a5ba542
Content-Type: image/jpeg
X-Timestamp: 1622816104.11947
Cache-Control: public, max-age=52867
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48028
Expires: Fri, 30 Jul 2021 07:08:36 GMT

GET
H/1.1 200
OK essential-guide-to-security-pdf-3-w-6542.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 120 KB
120 KB 53ms
46ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/essential-guide-to-security-pdf-3-w-6542.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99f0cea6d5bacd8feafc9573735ba60065ae4dd0a08b917046376e55747f3dca

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 10 Aug 2020 14:09:56 GMT
X-Trans-Id: tx57a1f0af67a649ac8a9ce-0060cddf88dfw1
ETag: 6da5d59b0c12bd6dea45b711a4ce94ae
Content-Type: image/jpeg
X-Timestamp: 1597068595.74595
Cache-Control: public, max-age=52809
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122560
Expires: Fri, 30 Jul 2021 07:07:38 GMT

GET
H/1.1 200
OK soar-buyers-guide-pdf-4-w-6563.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 400 KB
401 KB 53ms
47ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/soar-buyers-guide-pdf-4-w-6563.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 07d2e3bd017505f88698e8237afaaa73e8200ada50fd97185bfd72b22eacb3ec

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Mon, 10 Aug 2020 18:12:06 GMT
X-Trans-Id: tx6db514f7d6b04d8099814-0060e55194dfw1
ETag: 027defc7da9f046dd41fedc69e2684c7
Content-Type: image/jpeg
X-Timestamp: 1597083125.09769
Cache-Control: public, max-age=64955
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 410089
Expires: Fri, 30 Jul 2021 10:30:04 GMT

GET
H/1.1 200
OK forrester-tech-tide-threat-intelligence-q2-2021-from-anomali-pdf-8-w-8434.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 68 KB
68 KB 52ms
46ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/forrester-tech-tide-threat-intelligence-q2-2021-from-anomali-pdf-8-w-8434.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6311d25f9e3c662ff21c595541d79908d20c613da012ec2448bd1df00fd4cd33

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 14 Jul 2021 19:50:43 GMT
X-Trans-Id: txdc31679e2d43467884534-0060f1e5ecdfw1
ETag: 0d13c6dc65e458b1eb002b6958e59253
Content-Type: image/jpeg
X-Timestamp: 1626292242.07167
Cache-Control: public, max-age=40633
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69669
Expires: Fri, 30 Jul 2021 03:44:42 GMT

GET
H/1.1 200
OK adopting-defense-in-depth-approach-to-security-pdf-8-w-8254.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 286 KB
287 KB 64ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/adopting-defense-in-depth-approach-to-security-pdf-8-w-8254.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdce62618fd2a106a9f7293bd0bc944409cca92a2cdbaa86889d188b70dfd412

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Sat, 12 Jun 2021 18:19:53 GMT
X-Trans-Id: txfb806e94fab04babbe29c-0060dd1733dfw1
ETag: 95d19a9a14d608d551ee1ebdcc885652
Content-Type: image/jpeg
X-Timestamp: 1623521992.36261
Cache-Control: public, max-age=64919
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 293114
Expires: Fri, 30 Jul 2021 10:29:28 GMT

GET
H/1.1 200
OK how-to-stay-ahead-ransomware-review-combining-edr-epm-pdf-5-w-8294.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 150 KB
150 KB 71ms
65ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/how-to-stay-ahead-ransomware-review-combining-edr-epm-pdf-5-w-8294.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20b553d235668204a66b9e68842ce9affd0fc856d239caee9e781bebf4b4d4b7

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 16 Jun 2021 17:32:54 GMT
X-Trans-Id: tx8c5a6b278f264ccda7607-0060ce819adfw1
ETag: a84d4260ea4111afea8498c9f394b1c2
Content-Type: image/jpeg
X-Timestamp: 1623864773.13223
Cache-Control: public, max-age=64938
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153588
Expires: Fri, 30 Jul 2021 10:29:47 GMT

GET
H/1.1 200
OK revisiting-ransomware-protection-assume-breach-perspective-pdf-10-w-8295.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 176 KB
177 KB 63ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/revisiting-ransomware-protection-assume-breach-perspective-pdf-10-w-8295.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 95d751a305a7addde5ff21b84c84ad791f1d2af816885ff0b00b03da6a2dac3a

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Wed, 16 Jun 2021 17:40:59 GMT
X-Trans-Id: txb785f762d9d54470bc9c0-006102b758dfw1
ETag: 84613bdcfcd39555c4e887d75d0e0b65
Content-Type: image/jpeg
X-Timestamp: 1623865258.77790
Cache-Control: public, max-age=78312
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180610
Expires: Fri, 30 Jul 2021 14:12:41 GMT

GET
H/1.1 200
OK you-need-modern-regulatory-framework-pdf-6-w-8227.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 129 KB
130 KB 57ms
55ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/you-need-modern-regulatory-framework-pdf-6-w-8227.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3cd3496561d578b546c0bc39e94b64a825fcb9726da5b667099e75314565b8b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 04 Jun 2021 15:05:32 GMT
X-Trans-Id: tx146c5526d6ac4e288ef10-0060c8b50cdfw1
ETag: a563dab3071666b92b5cbd5ea2be28da
Content-Type: image/jpeg
X-Timestamp: 1622819131.68521
Cache-Control: public, max-age=46887
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132346
Expires: Fri, 30 Jul 2021 05:28:56 GMT

GET
H/1.1 200
OK automating-security-operations-pdf-1-w-7742.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 110 KB
111 KB 52ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/automating-security-operations-pdf-1-w-7742.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d03bb95aabd87262b4f1107d21adf0a9ab6f6249d2668c9b52370dab9fe3e41f

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Sat, 06 Mar 2021 03:13:44 GMT
X-Trans-Id: tx1706b8fd7c7b4f54b6f07-0060c7480edfw1
ETag: 2f8fcd43bb57ad64f6dec548cb82a78a
Content-Type: image/jpeg
X-Timestamp: 1615000423.96287
Cache-Control: public, max-age=44822
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113094
Expires: Fri, 30 Jul 2021 04:54:31 GMT

GET
H/1.1 200
OK expert-analysis-battle-against-ransomware-showcase_image-9-i-4927.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 109 KB
109 KB 51ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/expert-analysis-battle-against-ransomware-showcase_image-9-i-4927.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 84c53683047ffcc4f5c2a4310dc7ddbccdd82bd022e8506492827f9e6af957da

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 08 Jul 2021 18:25:38 GMT
X-Trans-Id: tx3e956cccc3614cb1a72c6-0060e801d5dfw1
ETag: a10f1402d8bcb99f0bd893bf46eb3749
Content-Type: image/jpeg
X-Timestamp: 1625768737.93871
Cache-Control: public, max-age=45446
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111414
Expires: Fri, 30 Jul 2021 05:04:55 GMT

GET
H/1.1 200
OK live-panel-how-organizations-should-think-about-zero-trust-showcase_image-9-w-3339.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 155 KB
155 KB 60ms
58ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-panel-how-organizations-should-think-about-zero-trust-showcase_image-9-w-3339.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 17bd792b9177948d5256b32b74d9801898dd8bb86833811409ebd7d8288b6918

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Mon, 28 Jun 2021 22:19:29 GMT
X-Trans-Id: tx9f96b3de231d4ec398c8f-0060fbc5d1dfw1
ETag: bc2f628fcb75fa582a9d07f567e9b5e7
Content-Type: image/jpeg
X-Timestamp: 1624918768.02357
Cache-Control: public, max-age=52535
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158629
Expires: Fri, 30 Jul 2021 07:03:03 GMT

GET
H/1.1 200
OK top-50-security-threats-pdf-3-w-7197.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 133 KB
133 KB 101ms
67ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/top-50-security-threats-pdf-3-w-7197.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b17ef8136ff4490261985a5fa3797823003fa9b6215927406320ffc6dd0454f

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 26 Nov 2020 03:25:12 GMT
X-Trans-Id: tx41d16bad254743b7a9981-006033c64edfw1
ETag: 3ab548d81e0bea84e6676e4b83ebf800
Content-Type: image/jpeg
X-Timestamp: 1606361111.12978
Cache-Control: public, max-age=48804
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135741
Expires: Fri, 30 Jul 2021 06:00:53 GMT

GET
H/1.1 200
OK combating-hacking-techniques-how-to-defend-against-ddos-ransomware-cryptojacking-pdf-8-w-8198.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 165 KB
165 KB 134ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/combating-hacking-techniques-how-to-defend-against-ddos-ransomware-cryptojacking-pdf-8-w-8198.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 264c5659549d0b381b7cdf6299a76e82f865984e4b09782f3c2947787227d107

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 03 Jun 2021 11:57:53 GMT
X-Trans-Id: tx8cc572d77b86484f99186-0060c0f318dfw1
ETag: 8f0c22d92eb799eea07f8349e37290d1
Content-Type: image/jpeg
X-Timestamp: 1622721472.46366
Cache-Control: public, max-age=52589
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168573
Expires: Fri, 30 Jul 2021 07:03:58 GMT

GET
H/1.1 200
OK assume-breach-mindset-4-steps-to-protect-what-attackers-are-after-pdf-5-w-7723.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 200 KB
200 KB 166ms
85ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/assume-breach-mindset-4-steps-to-protect-what-attackers-are-after-pdf-5-w-7723.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e77f857d645528c414c68e9b9b12580429bf3d8c915ab5b0dee368bbff79750

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 04 Mar 2021 03:40:30 GMT
X-Trans-Id: tx7bed200ee3bf4226a02a4-0060d3fc1fdfw1
ETag: c8c2390b8a2e185527125773d617045f
Content-Type: image/jpeg
X-Timestamp: 1614829229.96742
Cache-Control: public, max-age=40646
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204830
Expires: Fri, 30 Jul 2021 03:44:55 GMT

GET
H/1.1 200
OK office-365-backup-teams-what-you-need-to-know-showcase_image-6-a-15765.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
60 KB 61ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/office-365-backup-teams-what-you-need-to-know-showcase_image-6-a-15765.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 216e5c3467ffca143cc7de00e94c4a16aa028b6be7ad707a35d731b958c1796e

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 29 Jan 2021 17:04:16 GMT
X-Trans-Id: txe73405d909db4524a3554-0060d7ff20dfw1
ETag: f010368b3294585f1c08aa53f4e52baa
Content-Type: image/jpeg
X-Timestamp: 1611939855.83891
Cache-Control: public, max-age=47040
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61197
Expires: Fri, 30 Jul 2021 05:31:28 GMT

GET
H/1.1 200
OK telehealths-growing-security-privacy-concerns-kayne-mcgladrey-podcast-showcase_image-6-i-4916.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 179 KB
180 KB 53ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/telehealths-growing-security-privacy-concerns-kayne-mcgladrey-podcast-showcase_image-6-i-4916.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 043845795a60c1ec61fb7f83e4565743139b4dda3f20ee1fa26d2f9f1fdc0bd6

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 17 Jun 2021 14:52:18 GMT
X-Trans-Id: txca2097a56e0d4e6da5eb5-0060e86a55dfw1
ETag: c95f95bf9266676ab0fb9161833cdb33
Content-Type: image/jpeg
X-Timestamp: 1623941537.12293
Cache-Control: public, max-age=40587
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 183514
Expires: Fri, 30 Jul 2021 03:43:56 GMT

GET
H/1.1 200
OK educating-training-future-cybersecurity-pros-showcase_image-1-i-4930.png
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 39 KB
40 KB 56ms
54ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/educating-training-future-cybersecurity-pros-showcase_image-1-i-4930.png
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4211834953959b9f34f04ff5d7c66232a827c9a6e86a28d3ac87359d67b260fd

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 09 Jul 2021 20:06:27 GMT
X-Trans-Id: txa00fdb4f60fa43588e1b5-0060f032dbdfw1
ETag: eecf5cdd9d3c347deaafa3d1fc8b6755
Content-Type: image/png
X-Timestamp: 1625861186.77418
Cache-Control: public, max-age=44879
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40266
Expires: Fri, 30 Jul 2021 04:55:28 GMT

GET
H/1.1 200
OK kaseya-ransomware-largest-attack-ive-witnessed-so-far-showcase_image-3-i-4926.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 50 KB
50 KB 58ms
56ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/kaseya-ransomware-largest-attack-ive-witnessed-so-far-showcase_image-3-i-4926.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: afaa1d21b898b620f137781915565621fa6926dff02dcfa69bf9986ac4f2cba3

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Sun, 04 Jul 2021 20:36:52 GMT
X-Trans-Id: txd6aa615b17ad41d880076-0060e21c11dfw1
ETag: 9b84a3fc884013440c7005bb029d3afb
Content-Type: image/jpeg
X-Timestamp: 1625431011.30668
Cache-Control: public, max-age=45425
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50854
Expires: Fri, 30 Jul 2021 05:04:34 GMT

GET
H/1.1 200
OK moving-forward-identity-centric-security-showcase_image-3-i-4928.png
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 265 KB
266 KB 62ms
54ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/moving-forward-identity-centric-security-showcase_image-3-i-4928.png
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2a7a2572c61c280414d3c640b8df2e58da6d51810b669ea8c06c82207bec26c7

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Thu, 08 Jul 2021 16:50:11 GMT
X-Trans-Id: tx9995ad5e8e3d4dcf93cc3-0060ede222dfw1
ETag: 425dbb581d7ca7c04e956bafb27754cf
Content-Type: image/png
X-Timestamp: 1625763010.29960
Cache-Control: public, max-age=59942
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271823
Expires: Fri, 30 Jul 2021 09:06:31 GMT

GET
H/1.1 200
OK weissgoel-showcase_image-4-i-4935.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 85 KB
85 KB 60ms
51ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/weissgoel-showcase_image-4-i-4935.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b368f3616d7399dc2bafcd050ab4efe2fbed38128805e2bc0fda31bb57722958

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 16 Jul 2021 17:24:31 GMT
X-Trans-Id: tx2cd461ac093b480093eab-0060f1daefdfw1
ETag: 701f754ad2b1e544a3fdb7af25fa710b
Content-Type: image/jpeg
X-Timestamp: 1626456270.90159
Cache-Control: public, max-age=54436
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87011
Expires: Fri, 30 Jul 2021 07:34:45 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.govinfosecurity.com/images-responsive/ 4 KB
4 KB 153ms
148ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.govinfosecurity.com/images-responsive/logo-ismg-with-text.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: visitorip=217.138.203.164; __atuvc=1%7C30; __atuvs=6102d6f02574966d000; PHPSESSID=9h81mg8ejbfl6j8qc52hffarlt
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.govinfosecurity.com/images-responsive/ 5 KB
6 KB 151ms
149ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.govinfosecurity.com/images-responsive/logo-ismg-print.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: visitorip=217.138.203.164; __atuvc=1%7C30; __atuvs=6102d6f02574966d000; PHPSESSID=9h81mg8ejbfl6j8qc52hffarlt
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 5598

GET
H/1.1 200
OK ondemand-preview-w-255.jpg
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 56 KB
57 KB 190ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 05 Jul 2013 12:55:26 GMT
X-Trans-Id: txd031d40035234bd1b9c5a-006102cf7cdfw1
ETag: 7aece0902995efedc289b7c24037434b
Content-Type: image/jpeg
X-Timestamp: 1373028925.94439
Cache-Control: public, max-age=329
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57633
Expires: Thu, 29 Jul 2021 16:32:58 GMT

GET
H/1.1 200
OK ron-ross-smallImage-a-558.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 10 KB
11 KB 50ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 01 Nov 2013 13:09:25 GMT
X-Trans-Id: txf3eaf1749d2b4229aa44c-00605cc514dfw1
ETag: fac8c56390d084c4f1dfaa9b24a58c33
Content-Type: image/jpeg
X-Timestamp: 1383311364.81114
Cache-Control: public, max-age=45979
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10640
Expires: Fri, 30 Jul 2021 05:13:48 GMT

GET
H/1.1 404
Not Found modernizr.js
www.govinfosecurity.com/javascripts-responsive/vendor/ 0
0 270ms
197ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/vendor/modernizr.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Cookie: PHPSESSID=gm35rtqiiib2telgqq29qnqvia; _advert=false
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 ismg-user-ip Show response
worker.ismgcorp.com/ 15 B
201 B 691ms
173ms XHR
text/html 104.130.251.6
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://worker.ismgcorp.com/ismg-user-ip
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1627576046.8412
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.130.251.6 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 44391ed08160fabba8e6680a1d197982535a6dc7d341e9e2683f3290b6be5b1f

Request headers

Accept: */*
Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:28 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
content-length: 35

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f78bdcea170d447280c479ebaef5c8525ab171cdc918406db827f1f07fd6caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "943 / 22 of 1000 / last-modified: 1627556977"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24689
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:29 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 118ms
30ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1627576046.8412
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 01:40:41 GMT
Server: AkamaiNetStorage
ETag: "5379c4a40ff8ae9d2fc6484dd1c57349:1622166041.794746"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
35 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5W6LPF

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cada5637864008098963e6da662be4ca10da9f28604544f1f7ca64d7044f76b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35694
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Jul 2021 16:27:29 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.govinfosecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 252078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/12567/ 274 B
416 B 131ms
129ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/serverComponent.php?r=0.26636002346188903&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12567/code/&publishedOn=Mon%20Mar%2001%2015:40:45%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a4557b499d24fff14c8bf9510c1274f26a487043b97b367323134fde72088aab

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 274
expires: Thu, 29 Jul 2021 16:27:28 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.govinfosecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 03:39:05 GMT
x-content-type-options: nosniff
age: 218903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 03:39:05 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.govinfosecurity.com/css-responsive/fonts/ 43 KB
44 KB 150ms
149ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1627576046.8412

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.govinfosecurity.com
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.govinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1627576046.8412
Connection: keep-alive
Origin: https://www.govinfosecurity.com
Referer: https://www.govinfosecurity.com/css-responsive/vendor/font-awesome.min.css?s=1627576046.8412
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Last-Modified: Fri, 09 Jul 2021 15:40:37 GMT
Server: Apache
ETag: "ad90-5c6b297dce91d"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 44432

GET
H/1.1 200
OK main.js Show response
www.govinfosecurity.com/javascripts-responsive/ 42 KB
10 KB 170ms
169ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/main.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

378e1773698b5938e8009e8a9b8986b924adb0c2e636188da39164210b4f7b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9798

GET
H/1.1 200
OK media-transcript-navigation.js Show response
www.govinfosecurity.com/javascripts-responsive/ 26 KB
7 KB 162ms
161ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/media-transcript-navigation.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6519

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.govinfosecurity.com/javascripts-responsive/ 1 KB
839 B 161ms
159ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/bis-hdr.r1.js?s=1627576046.8412

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 455

GET
H/1.1 200
OK jquery.browser.js Show response
www.govinfosecurity.com/javascripts-responsive/ 2 KB
1 KB 185ms
149ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/jquery.browser.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1022

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
www.govinfosecurity.com/javascripts-responsive/ 24 KB
7 KB 299ms
154ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/jquery.prettyPhoto.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 6459

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.govinfosecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 238742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 22:08:26 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.govinfosecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 21:27:08 GMT
x-content-type-options: nosniff
age: 241220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13916
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 21:27:08 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.govinfosecurity.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 226941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 147ms
48ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=38996
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

POST
H/1.1 200
OK Cookie set ajax.php Show response
www.govinfosecurity.com/ 5 B
523 B 173ms
173ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govinfosecurity.com/ajax.php?json=notificationCookies&action=getNotifications
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1627576046.8412
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.govinfosecurity.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: visitorip=217.138.203.164
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: www.govinfosecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=6k7jks6eo5mv10dedhelda5m6e; expires=Thu, 29-Jul-2021 20:27:29 GMT; Max-Age=14400; path=/; SameSite=None; Secure
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 0
0

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 75 KB
25 KB 115ms
30ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

3c46767972a870d1442744261a73fdf737307800231b2d09e363a40372f691bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: openresty
Age: 8
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24714

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4145
date: Thu, 29 Jul 2021 15:18:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 29 Jul 2021 17:18:24 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 463ms
55ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2962021
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 06:46:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=51537
Connection: keep-alive
Content-Length: 12574
Expires: Fri, 30 Jul 2021 06:46:27 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 5 KB
2 KB 26ms
7ms Script
application/x-javascript 2a02:26f0:6c00:2af::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2af::3adf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 15 Jun 2021 01:25:13 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=82447
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2079

GET
H/1.1 200
OK Cookie set ajax.php Show response
www.govinfosecurity.com/ 5 KB
1 KB 172ms
170ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govinfosecurity.com/ajax.php?json=twitterWidget
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/javascripts-responsive/vendor/jquery.min.js?s=1627576046.8412
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 6278efa234b160faa6c393cedaf2bf813f7dcee8b61e61499bc2f0dc2831054d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: text/html, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: visitorip=217.138.203.164
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Accept: text/html, */*; q=0.01
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Set-Cookie: PHPSESSID=9h81mg8ejbfl6j8qc52hffarlt; expires=Thu, 29-Jul-2021 20:27:29 GMT; Max-Age=14400; path=/; SameSite=None; Secure
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd2203260ba2141/ 166 B
325 B 77ms
67ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd2203260ba2141/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: gzip
etag: 659743217
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=32, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 154

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 3 MB
0 142ms
55ms Media
video/mp4 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.govinfosecurity.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: tx4775a76100d14e6f9101b-006080760cdfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 0-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=673
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10621770
Expires: Thu, 29 Jul 2021 16:38:42 GMT

GET
H2 200 cooltext569749275_normal.png
pbs.twimg.com/profile_images/1569806720/ 7 KB
7 KB 39ms
6ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1569806720/cooltext569749275_normal.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

437f09cad118b977665bd32d3cfe448e946ff9c54f0246753f1979252474157f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
age: 430459
x-cache: HIT
content-length: 7190
surrogate-key: profile_images profile_images/bucket/6 profile_images/1569806720
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1a6fd2db0002532f5dca5ef3079b842521818448020c72922e7c7fcfd2bb4dbf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 kl5G4rq7_normal.jpg
pbs.twimg.com/profile_images/1045681989095960577/ 2 KB
2 KB 39ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1045681989095960577/kl5G4rq7_normal.jpg

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

7cf9de703df302399230af4bec8005e4f79b0c7187863eef78f5b740942b1b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
age: 353744
x-cache: HIT
content-length: 2035
surrogate-key: profile_images profile_images/bucket/5 profile_images/1045681989095960577
last-modified: Fri, 28 Sep 2018 14:27:48 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 25de4892ddf8c10e17c9d0fb0608c96dbb3eff17d5948163175538689a92c93f
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 BDqsH4xQ_normal.jpg
pbs.twimg.com/profile_images/1246205882922201088/ 2 KB
2 KB 35ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1246205882922201088/BDqsH4xQ_normal.jpg

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

e988625f007b2e96b5f5796e7ae0619f5348c319851ddffc668c216ff5583a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
age: 281891
x-cache: HIT
content-length: 2111
surrogate-key: profile_images profile_images/bucket/8 profile_images/1246205882922201088
last-modified: Fri, 03 Apr 2020 22:38:10 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9a27992275c1784c0b413ca9c025598b9c7290b2e460f6d89ed60025f0123f8a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 i1glvKTp_normal.jpg
pbs.twimg.com/profile_images/748960692200361984/ 2 KB
2 KB 10ms
5ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/748960692200361984/i1glvKTp_normal.jpg

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) /

Resource Hash

9d4cb85558f6e7ae6b1e6ba21e4e62615bc8b6d87e6ea6deb343a67937512f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
age: 424698
x-cache: HIT
content-length: 2187
surrogate-key: profile_images profile_images/bucket/8 profile_images/748960692200361984
last-modified: Fri, 01 Jul 2016 19:23:18 GMT
server: ECS (frb/67F2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f297ca52aaaf7c7e834aba92f177f459ab738817c522e81b1f444a1c7641e312
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 twQrCWS__normal.jpg
pbs.twimg.com/profile_images/769200327933526016/ 2 KB
2 KB 12ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/769200327933526016/twQrCWS__normal.jpg

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

fe0f3362f3b560e6d9d975f7a0898cb216dac638534f73d313373908cb90548b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
age: 281891
x-cache: HIT
content-length: 2111
surrogate-key: profile_images profile_images/bucket/7 profile_images/769200327933526016
last-modified: Fri, 26 Aug 2016 15:48:23 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23da92f05901b178107a30eb57a252c575bd458ea702c29b12f3ed5fe4b2ffa1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pubads_impl_2021072403.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 106ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Jul 2021 15:22:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113953
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
715 B 359ms
40ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.govinfosecurity.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b63391d0dda1c1833cb9ff52ae97bd9a547db83e228c92968f66431d1d31e187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1627576049721%26url%3Dhttps%253A%252F%252Fwww.govinfosecurity.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true&e_...

0
371 B

574ms
160ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true&e_ipv6=AQJCSrs2gKL2GQAAAXrzF6bS01qBcZk0PFeKbPtxm12jxK-jjlEvrRUsS3piJm6Hsl4NJdTJ
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:32 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: WpS9ystPlhbwpRwWOCsAAA==

Redirect headers

date: Thu, 29 Jul 2021 16:27:31 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1627576049721&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&liSync=true&e_ipv6=AQJCSrs2gKL2GQAAAXrzF6bS01qBcZk0PFeKbPtxm12jxK-jjlEvrRUsS3piJm6Hsl4NJdTJ
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 6BoboctPlhbAWiqiqysAAA==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 16ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1522392585&t=pageview&_s=1&dl=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&ul=en-us&de=UTF-8&dt=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=602585836&gjid=437489350&cid=1435811443.1627576050&tid=UA-212197-7&_gid=198610742.1627576050&_r=1&_slc=1&z=1104829873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 17ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1522392585&t=pageview&_s=1&dl=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&ul=en-us&de=UTF-8&dt=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1569415825&gjid=802168328&cid=1435811443.1627576050&tid=UA-212197-36&_gid=198610742.1627576050&_r=1&_slc=1&z=1249857417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1522392585&t=event&_s=2&dl=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&ul=en-us&de=UTF-8&dt=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IEDAAEABAAAAAC~&jid=&gjid=&cid=1435811443.1627576050&tid=UA-212197-7&_gid=198610742.1627576050&z=525878785

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jul 2021 16:31:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86161
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/160/ 11 KB
5 KB 31ms
30ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/160/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 02:54:38 GMT
Server: AkamaiNetStorage
ETag: "19a9335fd71267d56e65bc19390f3100:1613703278.138281"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4811
Expires: Sat, 06 Nov 2021 16:27:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
466 B 44ms
16ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-212197-7&cid=1435811443.1627576050&jid=602585836&gjid=437489350&_gid=198610742.1627576050&_u=IEBAAEAAAAAAAC~&z=1654090678

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 16:27:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 35ms
17ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-212197-36&cid=1435811443.1627576050&jid=1569415825&gjid=802168328&_gid=198610742.1627576050&_u=IEDAAEABAAAAAC~&z=1256538993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 16:27:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/12567/code/ 2 KB
558 B 36ms
35ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12567/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12567/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:29 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 15:40:46 GMT
server: nginx
etag: W/"603d0afe-746"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 58ms
13ms Other
text/css 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1458382
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Cs8Ytp7ctZIw1C4i0yX5fShHeNg5ZMo27yNu-lrNV6kjjsVml1_lQg==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 68ms
23ms Other
application/javascript 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 850816
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: TO9pDW1lnuvQcXtWFVXSUfdFxvgBAMlhuVypVMxlP4498Zy6ElVLoA==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js
c.disquscdn.com/next/embed/ 0
119 KB 81ms
38ms Other
application/javascript 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 769277
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: exLkg1JAeFpXhEYHcuTXUJ41BT2WbymphdduL7bkxsH3XZY46tduKw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 105ms
31ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:29 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 20
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12171
X-XSS-Protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 55ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.govinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 55ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.govinfosecurity.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 234 KB
25 KB 155ms
153ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4277878547404435&correlator=341959567867271&output=ldjh&impl=fifs&eid=31061843%2C20211866&vrg=2021072403&ptt=17&sc=1&sfv=1-0-38&ecs=20210729&iu_parts=4444691%2CGIS_TOP_728x90%2CGIS_MID_RB_300x250%2CGIS_MID_RB_2_300x250%2CGIS_MID_RB_3_300x250%2CGIS_MID_RB_300x600%2CGIS_MID_L_180x150%2CGIS_MID_R_180x150%2CGIS_MID2_L_180x150%2CGIS_MID2_R_180x150%2CGIS_TEXT_1%2CGIS_TEXT_2%2CGIS_BOTTOM_728x90%2CGIS_MID_728x90%2CGIS_Interstitial%2CGIS_TOP_320x50%2CGIS_BOTTOM_320x50%2CGIS_MID_320x50%2CGIS_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C409%252C410%252C467%252C476%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1627576050&dt=1627576050092&dlt=1627576047215&idt=2749&frm=20&biw=1600&bih=1200&oid=3&adxs=615%2C1025%2C1025%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C15%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adys=71%2C582%2C3180%2C-9%2C1867%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C4576%2C-9%2C-12245933%2C-12245933%2C-12245933%2C-9%2C-12245933&adks=1490298058%2C1697196133%2C776991843%2C3537290986%2C15771768%2C2237021215%2C367286997%2C1105490374%2C245841164%2C3961929838%2C1709081091%2C2434423582%2C2225906923%2C1263608855%2C3908970764%2C591082252%2C2396260454%2C3467190630&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x1%7C360x0%7C360x0%7C0x-1%7C390x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x1%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C780x4217&msz=770x0%7C360x1%7C360x1%7C0x-1%7C390x1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1570x0%7C0x-1%7C0x-1%7C0x0%7C0x0%7C0x-1%7C236x36&ga_vid=1435811443.1627576050&ga_sid=1627576050&ga_hid=1522392585&ga_fc=false&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C644%2C128%2C128%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1600%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C-1%7C2%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C3%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8547b7d24b9032c021adadd0442a17daff20d350bdceaaff36189ed57bd27408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25735
x-xss-protection: 0
google-lineitem-id: 5736341475,5736341475,5736341475,5720595536,5736341475,-2,-2,-2,-2,-2,-2,5736341475,5736341475,5745313804,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355545518,138355545227,138356188435,138352206448,138355545515,-2,-2,-2,-2,-2,-2,138355564632,138356188312,138357002955,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FD5 6 KB
3 KB 59ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.govinfosecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.govinfosecurity.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 29 Jul 2021 16:27:30 GMT
expires: Fri, 29 Jul 2022 16:27:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 4D73 7 KB
4 KB 156ms
155ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4314b315ef6c210a73499e7b3d52ae40675a3bd7e155832855117577f947880f

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.govinfosecurity.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.govinfosecurity.com/

Response headers

Connection: keep-alive
Content-Length: 2769
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 26 Jul 2021 17:30:43 GMT
ETag: W/"lounge:view:8672837985.e38238ecec1a8f9d0393a20e7859a707.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Thu, 29 Jul 2021 16:27:30 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 51ms
51ms Script
application/javascript 54.229.143.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&pv=1627576050150_m31xnm9xh&bl=en-us&cb=2934720&return=&ht=&d=&dc=&si=1627576050150_m31xnm9xh&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2962021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.143.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:29 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 480ms
187ms Script
application/javascript 54.198.5.108
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2962021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2962021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.5.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-5-108.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 30 Jul 2021 16:27:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 352D 0
0 71ms
66ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5H9ON5tiuvgxH9KP5QLdqefDxYx4b7Ap9KjxP9TiIUVcbR0lxmf9Z-IrDPgFQNYjwpc2KiMCzXBqxGVxFSqO7Z5eRq0XxSJBxDf6t_--J4CavN0Vcgm8Vsws8eiiAwDw9XKtbUt66sQCSb50C-FxIE9RkBQBLvkT2qh6P3F6pJ5DQv4G_EzT1zkSICrPiJWFzDN0xl_RJoDgptVZXykg_kaAJlXHhM1YHxaiPAjF7KiWoff6kCjIuWKa0iBgU8apxMLr1lT2pV1grMnEoTMEnBokyNsEtrS6VNukNGE8SgmrkiG_dRISZIu0vhAWvhw&sai=AMfl-YSVIqe0TmQSwvkZj7Mc_nCcrj6fMZTQVjmzKSL0vb4L8pqKrzDmytWke4lscmFN76kGETS3jJEz_rPQZ5McQOk3pUqNYPY7pOOozVaQG61uemWXSwqd_yFBgkw0_So&sig=Cg0ArKJSzMndC3901Qb_EAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame 352D 18 KB
8 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 352D 2 KB
2 KB 55ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:21:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 352D 124 KB
37 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 352D 0
0 20ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcawKL6D2Z4HH3g4QhoJ8tBuFHVjoEwGgQAD4hmZ5injQavkXCMKG0N0hbGhTMjmmg9kZO3W-ZcSsH29l_Utmac45t7w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 12911655748575787545
tpc.googlesyndication.com/simgad/ Frame 352D 72 KB
72 KB 60ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12911655748575787545

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ecaedf89bef82e9cc1ef23caca08d267775a30a66a429c0ec359e059d61308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:26:35 GMT
x-content-type-options: nosniff
age: 172855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73462
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 16:53:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:35 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBEE 0
0 69ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIbzu2oQ4KKB_ipYAUQ2okSALuVDRoBzd5kPcofrIW5_J0nV64yKkIiu-l8Q5Skt8h8UEjDKxqLnlkSG9XX5g6MrN1_KZdslml7m50tYzqUkOd6tSxOMbHv3A_ShVdRuPpt4Zx_tS85PedQA4JcmTe-PN4uu18690JivZOd2ss1NQqimCQ8ktkZrSE7EDzrnMgcd5aE9iAOz_dEIdH1w_VqpxXmxXRDahhExe842kV4FB_tBV3si5Zi8SVH3tEs29ImfGefbLcW-Kbn8c41wondO-XYA0op4k2YyZeFNOYZgUzroSEBIIviBCI8UiYeAxzuzY&sai=AMfl-YS5Qzm64n6ijxMZNpToXXFzCl4Yjv0o-_2bQm_EwyhkGAJLUk84NLQBqdnP5sf35KE5UKAplXfFC_9x0mayRu45nX6zl5gdA9-XiBOts-hmQYJktXxVwPBsegIOuEM&sig=Cg0ArKJSzAweRICHc8BvEAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame DBEE 18 KB
7 KB 59ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame DBEE 2 KB
1 KB 50ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:21:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBEE 124 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBEE 0
0 15ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNJwegdhsR_LXG_HjEvd80QSOEe8FhcgxDbOjGfcm9k09izMVgq__63sxG751QbsHpCVs-yytU33HXWd8ciL_yiensRA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 17182337868012714017
tpc.googlesyndication.com/simgad/ Frame DBEE 85 KB
85 KB 63ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17182337868012714017

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf560bb91cc36ce7b530313cbf705ed6d3b8ea513b29fd32dbb28f97736ede9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:26:35 GMT
x-content-type-options: nosniff
age: 172855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86801
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 16:53:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:35 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE5E 0
0 67ms
67ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2LR23UWnMCHirCtgiI9LkBAw6ZLgf0wUipuuDosVIhm5g4lyojG79FRWrDxWGIAZECPpVoSAA2i50NiIu_gqORlExsh-KOs_sfrDazukq09YHwGRSZO1gqhXvb_HYAldi97nykT7ZVZ5Fg3iAkehrEtgR8BJj7DCXgpwd15F-UYSrSOguQuNjIeZxob9_gtKDeOnkqsa-zbsq8iOaBYioo9tKgr9DgFUXPmH3wWOVg6qmSymsU9M0omuaScYX1CXegy8jWzDg-eBLFsTwbhfxCC5IU-rxMBtl4_shaL6qT3m4X97NPtOOXUE-QxMWBYV3RwqP_Q&sai=AMfl-YTuizuAtDu231FOd05v5xA0APJVcucyMj3d08U_KKrDrKKMrMFeceTp9G5cYKRhkpAo6OGYlLmmzEPDaA9Rm8wUSQHN8BQBP9xvHEI-qi352eMBAgn1nS8IQmPX8Ps&sig=Cg0ArKJSzMAmp5QqJz2REAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 17182337868012714017
tpc.googlesyndication.com/simgad/ Frame EE5E 85 KB
85 KB 22ms
19ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17182337868012714017

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faf560bb91cc36ce7b530313cbf705ed6d3b8ea513b29fd32dbb28f97736ede9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:26:35 GMT
x-content-type-options: nosniff
age: 172855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86801
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 16:53:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:35 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame EE5E 18 KB
7 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame EE5E 2 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE5E 124 KB
37 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82C4 0
0 98ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXeBdAjoNl6_YuuQm5sXnFqUuzwfNx7VIjfTVVl-s32UnUMT1EK2TzJk-unkLgYJFv3hKNEqGbg_w70XYwATkk2uLIbjVTnk7DJ6BkuSqRuWKZrXbpfx_VpNCFBUUnfTXl_7rf7wYv6OMxyx__pBw8v7ysmShmCES_1rkfn2ZHOjS0DZjzyF3_GZFJC0EYCD-WtoaG7P4hU53wKinGBeQCxPsadGm7sads-J__LG8e7VkMGKKKmx9Jw_Nsh-CHM_rZ97bVkoF_T3Y3qszQe2SKy9l-Z9rTjHQ9fpRKyHJgEFXoLJaprtar5WedYf3KRYJfCl4&sai=AMfl-YQ4QaEl1FkyhZ2ickQwctrVURWiHzsuQiAOKNRbnhyVEL4rDppZs0DJJXkKk0Dh9kCstVbK8uYg8KdQxCz06XBmGPPQ6Ftd8MaYQSOpsk6Ue8KeUJKIEnEj73g-7Aw&sig=Cg0ArKJSzJZUT0AVgsboEAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame 82C4 18 KB
7 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 82C4 2 KB
1 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82C4 124 KB
37 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H3-29 200 14685068103610242859
tpc.googlesyndication.com/simgad/ Frame 82C4 114 KB
114 KB 60ms
10ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14685068103610242859

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fff2d98a39f2a8bc97391481b68f50e5b19ffc9361c36325633ed4b194ace46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:26:35 GMT
x-content-type-options: nosniff
age: 172855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116791
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 16:53:25 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:35 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A90 0
0 95ms
69ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLMYr6fXlm2xZkgYNuEo01c3Vx3x1cSH9VQU2MrKQZEKsG-s6LXNgR6P_L2rBzS7UrRAgqBmATQSz2i6m8J9VlntAGp81yfo33PKam-Ogyr1TeAiT5dNh4QFNVRdB8j6uDiqkp6KRTmBWiTAu_dq2t5eDWyNp0i64IROJG6bEm9bk5la7Oe9K3DlBnSPP2f6waj5LZa9p-Qo_jijgDUm34b8AeeUOcNCL3unpvirn6p8GWdRyWNSLPcBSWEp62v6TLMaZSJKNKgQcxkkI-iv-OHLLIyT3Rj1Mxam22qNuPgmJWE5FiXSvY5kiquewxZIwAwg&sai=AMfl-YQ5_PX-h4apq_OQZZk9tIQSgGtqxsRaMS8JXF__PGuTSeBije4s5CP3oXdqTuCAQXaYkCodILKA2ZmrjE200-2yt6S-2nhYOsjyPx2U1FwNUui-y23fC5EpRbodB4Y&sig=Cg0ArKJSzB3siQrTAEBpEAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame 0A90 18 KB
7 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame 0A90 2 KB
1 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A90 124 KB
37 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0A90 0
0 61ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXUSZKeN1twp3qI-2XcvnEajgrJsVVsxoOr6xccWh7CHL3adsvl92Xq94iOC6zoiVkcs_dgyJOZseVSRmkY4zpxCswUw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 9420736926166999060
tpc.googlesyndication.com/simgad/ Frame 0A90 63 KB
63 KB 58ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9420736926166999060

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5693b4857546df0ae967d1c0c392c146dc2cec9eb909d830df16120575a21e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 16:26:35 GMT
x-content-type-options: nosniff
age: 172855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64013
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 16:53:25 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 16:26:35 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B429 0
0 83ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTd-eBC7s42it556-JZZEg97HgPb3FbsAHec4kYVgs-UsgaP2PwTzSnolBjgDcl-bikcIgt5wy-gW1ASfK5hGnmsiG58jZww1Un0goPJc2Oe2cSSNucKcNiLHLLJkUNrvq_QZLEimIp42OPjpIAcHPRo6Eug4INy1NRmF_l3DjQchqfmU3wVrUMtjpNEda1Rg0nw0Dmxv-P2vivvd7ZcA5gC34yuYLsoVKTHdwhbbuCZJII9XlkBNfFgau8weMwShOyNqABrhCUsAAAPnpYqCtztEpM7X10xUHvKS2CDs3sTwIE8MeyJS_eU2kOeoJAzCQ&sai=AMfl-YTciYqxXWXwNR3f4mpHermU-K7tsEdZeB0m2JAJ_wymevC6WrA68Zfk7rc0oysfht0vD5f5dpR5SlPcfhLpMwnlfntrrWmw_AlIRtfkO-ZtkfE9VX_MfF43x4gMQpI&sig=Cg0ArKJSzKh4baZPiHVSEAE&adurl=

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/ Frame B429 18 KB
7 KB 19ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/ Frame B429 2 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210727/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Aug 2021 16:23:45 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B429 124 KB
37 KB 23ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298817379074"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38160
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B429 0
0 40ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTySrdTwpkd1Di7R7VE-ijsM1DY_GN5FKMgBwYQPBlJEBMn9sawLZRDxQBrwaC0pmZLDwx8Ae6C-lhF7HvDkxEVFQ6v3A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 3770395993772824261
tpc.googlesyndication.com/simgad/ Frame B429 167 KB
167 KB 39ms
13ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3770395993772824261

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b3491b1ad7c0e78c7e513769f6f5a478b444e10a8df3ad8fc4c619fc68b1ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 08:44:14 GMT
x-content-type-options: nosniff
age: 27796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170709
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 16:55:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:44:14 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 352D 0
0 73ms
72ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVsPggryQ3ClGNDGUZ6HAHUu54Sqp85COFnO2RCbpm9yuFcUFuDmvKgPpmtGFiVOChRD2PtULbUaNCjj3NLWzsKs9HGFz-UpNOAFu2-QxOjEvGiNuL4ak4goub6nqSUlyRf7V2BnEputTGYaw5EGxLdKAeo3SGMvM6Rh8nA6xLVJtfAklGIeLSFed3JtiAgIZ8wMS0TBvIqCPtWU1Gy1wTN31C8cH-nwmTSemOp5EaoBO0I3WZSy02kudJx67CesdDb4KzHOSj5cYYb3XYTCx8pLR4VQBqmyeqnhErSjBTQrkFOVMbxh6nRylPhRERyo0-&sai=AMfl-YSWtfoInNDhBYc98PWVv61klX-a6BBPjJFlSnGmw3unOkRZRzNMoj1sanRXzVheXehovXo7SgIw1ksn5HhxdUm5zDBH3CJNHETecGKFbzTWj9VoblLUQ19ILAIVnSM&sig=Cg0ArKJSzM4M2bBIiBj3EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
DATA 200
OK truncated
/ Frame 352D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0113b7bde5eb001694045a1e4b6fb3bd42b81571c095a86c3531b9cf1e98bdfd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBEE 0
0 66ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn9PvxKjCKLSVt38ezGPvoHr7w3G_7gAFdWkFVLi2AaoeL7hDROiPlqFfEhimu6LrA51_Aj6QNH_Xg1BcL2D2Y8GOlZZK36WrmHJtKetUlnSHhdrG5NXmKId5Qc7-q1RSEU7XVNRROaP8L1JG95fQ-UBlv3FlnyGCGP2fLC-xhM1UvOChUCB1FVthYX5A0zNtPak1LvO8hQn1bWkMEnFRDDy1BTagxbw5bnIpbRCHPZGtqL9gicCjBwx6w0Pc0dqwmVi-Bvt9_sL9AcebJq46by98gwIbyIWBLyOMB2uXvlcM_MIup8TPaSAJBhEo4Ap7a6lYFiA&sai=AMfl-YQM22KPYSp7Sce0327eC28NkA49B3uPuzPfLrsYfkmyKy-3bhKm7HnysJaiv2oNu1H5oA4AAGsPzBCiTpmbVMCLchNk6ZNXo-wOOZHg-NN02aGnTGQaF4skgK7H6kw&sig=Cg0ArKJSzENWQF3xcD-sEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:30 GMT

GET
DATA 200
OK truncated
/ Frame DBEE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d572ca0e284fe7cf080b76d1e94f9b37a5b5bc95b02e1ed0fc42765db83c673

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A90 0
0 85ms
84ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQa6Pu3M4sLsKkTMScrHD4BXiwpDofdmC4ZfrZCqPlOmAlixRW7hucfbqhuEbdz9B6wekfX9YJuIi4nl1EBiRiDIYXt5h241j-rUzyqo6YHwAdQ8gcSUFnj-BmhnQLurLB-qWU0FsqnqT515KxqWdMYEZubeIarQDL0oYgZBSot7Lj7npcTVV6HmQjK3gS5XrUJrEgL4ATnlU7PCshfWmclGT0anjTZONxAKojxGeJLtWeJK3SzRU3FgokjlFZJU8K3EQWj8RMAQOKUMZI-e5A9Vj92vwa-8Ow0lwshYUg6tCRxfsRzL7Q6sYOa1hOjiuDGMUY&sai=AMfl-YT9wVS7WEktbI7bVtkMGIom5HatevVyIdEr0f-gQ7cIVrdcmf6ajUuRe7XjzPDr4RwkkrdER3OI4FCIKoTu2BPGUq0fV3dYzUe9i-EfCLvI3_iz79_REd8l5I8NM7Y&sig=Cg0ArKJSzIzl2bdbWMvPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:31 GMT

GET
DATA 200
OK truncated
/ Frame 0A90 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a36db901b54b209706816e965c0aea6784b36db5256e233dd6798251c3b56dbb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82C4 0
0 64ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcCkgoR7DVN7nnHCDxTvzRpPdDEHl5WLNb1Y9-6SdXNm9aQqGFDp0lht9Pcrdp7OvQVZRujigqBdTzUFH4mU2n0YmIARUVif_hD9CTwkcwoH2y98Qxplh-08jWEUnUuemrF0-bYhvUu5B6psr5ol6NNShObli-yQrFQ6_hbTrWWLwscGSIV7vNFgDuVTfwPyhTJ5MRPZFbxQfqXTbxVuXv5DZ1ApenSGQp0XoaDkSuXQsn3YxI-SE3a4DlAD15Ripwxm77n1UKxsBlLfHHPIlQg7Bb-Wuq6yTs6OzWdVaNgsSZ02R2shF6P6mFiHgj0wm7JxQKUw&sai=AMfl-YSjcRwlhNjpehGY--O06S2ISdroZJAFE0YXTMVw5DKnJwFWmnI5RNn0s2cMbS0PXV6xuIaUM7sNLIaNc5oCZ2O2aQ_mCK1N-QrbpoJERvtQ4ymHNVLNrhhiI8p72oU&sig=Cg0ArKJSzAIBYltNd8N7EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:31 GMT

GET
DATA 200
OK truncated
/ Frame 82C4 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a919ea35c6c07a695efd9982b58807c2c46feb1d4438a69fc125215b311df5a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE5E 0
0 67ms
64ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUOMxKBQKIFdAtYsZWlYGBvTvRVbqf3VtE_uf-7MBAqe4DQcBqLF3JzB2d7yqFf9Yj7A_Kg1kslWG0JzOVfa65CvF9jfKNGf324NBZnzrWDZ_9qdePNuBWjPUQeEKFudBo5nV_syeB3gbGXCrR-fBZtjdwbPbqZoxnIcpkV5PbqxKwtWUsRMkcnrs10mVvzT94ndSFW6VkPpwux3jNUfa1RCDPrix1jgkC29Olk9MvSm3H_OZjKYXEcRQqsFxwmY3WvOFMFmP-k_Rj-RyPR0ouLuuDgN6mPFDBMAY8RhoHqWOskNZM_uKlWrC-XYEGoQur8tbNFVWs&sai=AMfl-YRPzlrT7Qkv4wppLz5-n1uLK2xAyUtkkKJxQSRKXt_tCVrGZ1tbDELhJ093B_a5wiyyRQNaUhWIx8bK1ub29jy9e3Xz3hI7HuW6LxUGUp8QEXIoNiaVgFSG310jAqE&sig=Cg0ArKJSzOpPq0DKaXdMEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:31 GMT

GET
DATA 200
OK truncated
/ Frame EE5E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28365c29e5ecd2d05d951cbf8f94e6f7e2802e56f7105c748a5d6f573a04e713

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B429 0
0 70ms
69ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPwdG-I-tfmVtftfJNZk1FzSE6kN8POb4jLLIGWWjaaJmdFQzqR5B5wIq-QpMgW9IGvynUSfPn_p4-EOJzsfEVce5hRFtdDzmo8uxq-zfoIlHcJegi1XetSG-X3IBH-n6VxVtiftsCH07TATOnIVBAdLGi6qgR_4dK2StOvHGW5z_x9s0vSIUGMUtjq4F8VOzAanxiikGS7bpwe1zwipAyArF8BRq-TeNAWAraAAsQ3j6RuM5DzEKIBdYNBLbdnqCXV76qa7d_oTq1uuUtI9w3yu30kcehe9tUocdAYa1y9ayVL8PtH3YKLB9FVLt-huVW1Ls&sai=AMfl-YTvimFawU6vCxJ-LOLzH6j-e6cMVbHqNIcWmDdnS5z6ieR6k9PpwnXxhtuIISicOj_qAkp2XQp8Bjk1aAAZvOixYVDdPMM8fOUTSlXA7NUGNd-a5qnC2yx0Co3kEt4&sig=Cg0ArKJSzDgUDfMYJXJWEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 29 Jul 2021 16:27:31 GMT

GET
H2 200 lounge.load.7302391be467f75d298eac65b5cfa2cc.js Show response
c.disquscdn.com/next/embed/ Frame 4D73 1 KB
1 KB 39ms
11ms Script
application/javascript 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 769278
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-216"
content-type: application/javascript; charset=utf-8
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: NUGdXrFGdR8nGWdqY4zcKHp7raNICQZ1qcv15JuqrNtdN6hBOXclIA==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame 4D73 282 KB
93 KB 14ms
14ms Script
application/javascript 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 850818
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: IFKRNdAV7LjryUwxHcknmuZIgxsFADagTtObQojiQsQm6XIW8wSq-w==
x-cache-hits: 0

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ Frame 4D73 163 KB
26 KB 17ms
16ms Stylesheet
text/css 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1458384
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: UDYBO94yAYXpnqKxBmNXUtp-S4YR22ErtvYcNhaSxjLJBB7AP6aK_g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js Show response
c.disquscdn.com/next/embed/ Frame 4D73 468 KB
119 KB 13ms
12ms Script
application/javascript 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 769279
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Lh1Ru1OAzQZAxeeS65ETBjQsmjtmvUM8hBCjgh00RdQ-4JlXPMIlaQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 4D73 12 KB
12 KB 31ms
30ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

afe589efee16e4e0fac361657e77f458e40646e192447a97305a16b0d0cca468

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:31 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 22
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12171
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 4D73 3 KB
3 KB 33ms
31ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=bankinfosecurity&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f240d586e74895b22de006060bba95e64133c30807cf62ef70dc915df82a9af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 25
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3123
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK threadDetails.json Show response
disqus.com/api/3.0/embed/ Frame 4D73 36 B
419 B 133ms
132ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/embed/threadDetails.json?thread=8672837985&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
X-Requested-With: XMLHttpRequest
X-Disqus-Publisher-API-Key: kgLGW0evKY3stsTyDzF6Uv5Etlrt7MzZ7AWQESkvyZPev49GJCrbtByseVYlfQj6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Disqus-Remote-Auth: W10= cfe76aa41d2459a2c4d36789fc461ed0a27be570 1627576046

Response headers

Date: Thu, 29 Jul 2021 16:27:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 36
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 4D73 2 KB
2 KB 356ms
63ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 1918547
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: PbMVeM2iWmudwIaI31RBJmSVugFre_LpJLL2G4ilL6tNFDLra-hEMw==
expires: Fri, 06 Aug 2021 11:31:45 GMT

GET
H/1.1 200
OK disqus-sso-login.png
www.govinfosecurity.com/images/ Frame 4D73 4 KB
4 KB 157ms
157ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.govinfosecurity.com/images/disqus-sso-login.png

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

c15d7c72b50d4cad5e7a1fcbd75c78ded4c75eaf3ec382783a1903f88e6db1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
Connection: keep-alive
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 3979

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 4D73 13 KB
13 KB 12ms
12ms Image
image/svg+xml 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7955390
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: hkwgcQO6gF6TcnJVxVoW4EOmDE_vnc1BzO0YH5AYnLGk4hODP_L2vw==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 4D73 3 KB
3 KB 12ms
11ms Image
image/gif 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15247764
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2KSVb7Q4OTMhtkGT7fyKc8_UAC_0W5sKUQLWWAgsvgO_M8ZqY5F11g==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 4D73 2 KB
2 KB 12ms
12ms Image
image/png 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4167612
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NWlqSMlJ6iGMm4yJXBPTEG3TtRwYLT9kkL2ev7bP3PkF67WB_JWvcw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 4D73 8 KB
8 KB 13ms
12ms Font
application/octet-stream 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7457157
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OOzcCXNAH_bxJwwxUQ-G_jf9Agii7N74oYQI_iSFRh7R2ONEA4ep6g==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame 4D73 457 B
767 B 305ms
157ms Script
application/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=bankinfosecurity&thread_id=8672837985&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

8be8aa8a565d001e59ddf64d4bde905c254d73de3a23c196ec0a06390e14a041

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 4D73 13 KB
13 KB 12ms
11ms Image
image/svg+xml 2600:9000:2190:d200:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:d200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7955390
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3L61tBcfCHwQSXOaqGyCZwfW1j3OIAwKJTgkqelLPORrT-Pquv3gOw==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 4D73 43 B
295 B 253ms
140ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=310&event=init_embed&thread=8672837985&forum=bankinfosecurity&forum_id=1538940&imp=70ba5uij0r4lu&prev_imp&thread_slug=attackers_rely_on_exotic_languages_for_malware_creation&user_type=anon&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 352D 42 B
518 B 35ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvi9ZIULm3ETIPX1NTVp7QjbGBheBJEghPNEbvUJsyaqISTBB640hCqAwNt4TBd3LStVTtybhdNBh2mLdBnbt4xEy-OPKxGjZgWF5jT_e5fIz8JD_E-&sig=Cg0ArKJSzDBqppwirm4lEAE&id=lidar2&mcvt=1000&p=71,636,161,1364&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1490298058&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627576050538&rpt=712&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBEE 42 B
108 B 34ms
18ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssphJTGbcI962wW6sMs0qOH0L-EJoWnes7urztUlMe3nHQIL8PzbSgKpwM28_2xnxjoZnCX5bJDj2LxRo419KgQKoTAXOGG03cYOKBYvBrMPBE3REhG&sig=Cg0ArKJSzOpcpgGzMR6LEAE&id=lidar2&mcvt=1001&p=587,1040,837,1340&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1697196133&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627576050545&rpt=716&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame DC74 507 B
1 KB 226ms
170ms Document
text/html 13.224.96.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c70ba62f1cjc7n6&pctry=CH&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-52.zrh50.r.cloudfront.net
Software: lighttpd/1.4.33 /
Resource Hash: 0a9d3a538bb010e79a3e36585488bed047616f300611abf36d10b0d09d5aae64

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c70ba62f1cjc7n6&pctry=CH&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Thu, 29 Jul 2021 16:27:32 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=767353da-0340-4c02-ac48-f0d48f2c0ec2:1627576052.27; Domain=rezync.com; Expires=Tue, 25-Jan-2022 09:27:32 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVi0ELgjAYQP9KfGcP00BB6FBpEfStSyF6EZ2ztnKVm4gT_3vr9h68N0P54X1XKa4MxKYfuAfsJZxpiGdohP4OjoBFpK7CoPWZZJEKYfFAc63FW5Wi-Zer2lXU5mu0N1scU4MJEtwTktvtdM4OkiZ3U8jdkyaPDjsciwyni0wDlMx330ivp8HxBpblB7wTMiI.E-RodA.yvg-2iLjMnUxYiA5KRX82tbC6Lo; Expires=Tue, 25-Jan-2022 16:27:32 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: ZilIPF2in_da6rjPProJjKzEmlii_D6Bq5LkQ49ejHWmLLVIMyqNYg==

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 837C
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCPSti4gGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVWNLZHJuaGU1bHNUWTVtck5EUVYxRlUzYjJxRXFKRWFiU2l5REl6N2NKUQ==&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwVWNLZHJuaGU1bHNUWTVtck5EUVYxRlUzYjJxRXFKRWFiU2l5REl6N2NKUQ==&google_cm=&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRs...
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYR...

0
0

34ms
14ms

Document
image/png

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: fcmatch.youtube.com
:scheme: https
:path: /pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default

Response headers

content-type: image/png
date: Thu, 29 Jul 2021 16:27:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorNpTbws-0ZkjPTqABxtFavlW6ocGM1-0yniSGMBdifk_FpfBEmn6C_wE2wydi3_RR0baf57xOLFzwyGwMdlu34EDVUId9cYKGcKV1D5Kge3sEzuWpkcRPeAwFWpV_FutgGZuT4bHgrCKgNeoWYRsfeWaVytQ
date: Thu, 29 Jul 2021 16:27:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 403
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
io.narrative.io/ Frame 4D73
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
https://io.narrative.io/?io.narrative.guid.v2=dfefc2b0-f089-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on...

35 B
319 B

53ms
53ms

Image
image/gif

34.255.110.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=dfefc2b0-f089-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.110.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-110-255.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&t_d=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&t_t=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:32 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=dfefc2b0-f089-11eb-a833-0aa6849ebafd&companyId=19&id=disqus_id%3Ac70ba62f1cjc7n6&ret=img&ref=https%3A%2F%2Fwww.bankinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Date: Thu, 29 Jul 2021 16:27:32 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame DC74
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=9101034011554319966
https://p.rfihub.com/cm?pub=39342&in=1&userid=767353da-0340-4c02-ac48-f0d48f2c0ec2%3A1627576052.27&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc70ba62f1cjc7n6
https://idsync.rlcdn.com/501709.gif?partner_uid=c70ba62f1cjc7n6
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9101034011554319966

42 B
316 B

40ms
34ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9101034011554319966
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c70ba62f1cjc7n6&pctry=CH&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 16:27:32 GMT
X-Proxy-Origin: 217.138.203.164; 217.138.203.164; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4a905648-56df-4173-8c46-d9f22e888eb4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=9101034011554319966
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame DC74
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=767353da-0340-4c02-ac48-f0d48f2c0ec2%3A1627576052.27&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316022003905597
https://idsync.rlcdn.com/501709.gif?partner_uid=c70ba62f1cjc7n6
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECluy8K7MAHu0TIH3E01rDs&google_cver=1

42 B
327 B

37ms
36ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECluy8K7MAHu0TIH3E01rDs&google_cver=1
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c70ba62f1cjc7n6&pctry=CH&referrer=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:32 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECluy8K7MAHu0TIH3E01rDs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.govinfosecurity.com/javascripts-responsive/ 2 KB
979 B 149ms
149ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.govinfosecurity.com/javascripts-responsive/bis-hdr.desktop.r2.js

Requested by

Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 , United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.govinfosecurity.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Connection: keep-alive
Referer: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 16:27:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 595

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072403&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0220c3518bb225a027681eb6177b836b39b3f1551db537ede847796925b110f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 16:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8530
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B429 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94b36a36e3a501e72ceecef512625cd7ccf586bbf4bb7eec5f1797280f865c59

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 567ms
186ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5W6LPF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:33 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 285821
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1044
x-llid: fd13d6b88d95f1826bc547840b410787

GET
H2

204

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1

0
341 B

56ms
56ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/64ead273d1f41aa7?cookieQ=1
date: Thu, 29 Jul 2021 16:27:32 GMT
server: AC1.1
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
200 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1522392585&t=timing&_s=3&dl=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&ul=en-us&de=UTF-8&dt=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7024&pdt=143&dns=0&rrt=436&srt=255&tcp=437&dit=3216&clt=3216&_gst=3210&_gbt=3858&_u=IEDAAEABAAAAAC~&jid=553366194&gjid=1699066836&cid=1435811443.1627576050&tid=UA-212197-7&_gid=198610742.1627576050&_r=1&z=565744626

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1522392585&t=timing&_s=2&dl=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142&ul=en-us&de=UTF-8&dt=Attackers%20Rely%20on%20%27Exotic%27%20Languages%20for%20Malware%20Creation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7024&pdt=143&dns=0&rrt=436&srt=255&tcp=437&dit=3216&clt=3216&_gst=3210&_gbt=3858&_u=IEDAAEABAAAAAC~&jid=248178499&gjid=483286540&cid=1435811443.1627576050&tid=UA-212197-36&_gid=198610742.1627576050&_r=1&z=1737274462

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072403.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 29 Jul 2021 16:27:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-212197-7&cid=1435811443.1627576050&jid=553366194&gjid=1699066836&_gid=198610742.1627576050&_u=IEDAAEABAAAAAC~&z=951347194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 16:27:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-212197-36&cid=1435811443.1627576050&jid=248178499&gjid=483286540&_gid=198610742.1627576050&_u=IEDAAEABAAAAAC~&z=66898468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Jul 2021 16:27:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.govinfosecurity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3540 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.govinfosecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.govinfosecurity.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 29 Jul 2021 16:22:18 GMT
expires: Fri, 29 Jul 2022 16:22:18 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6146 783 B
829 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff3064e909605a6115842bec12f707a6bf52a29eb99cdc615fb8960b8f0e722e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CZiMcPFnRuruhyLuEyHr8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.govinfosecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.govinfosecurity.com/

Response headers

expires: Thu, 29 Jul 2021 16:27:32 GMT
date: Thu, 29 Jul 2021 16:27:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CZiMcPFnRuruhyLuEyHr8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3540 35 KB
13 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7hxA_QHVtJoFMtElcP81jTEK2mU4ZuLJ84ICjnnObI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 21:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13261
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 21:33:44 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072403&jk=4277878547404435&bg=!NTalNnLNAAals0SOpbM7ACkAdvg8WsKRv4Y5ATJIvjxdn1yrWbXje3JBCyZ49fpq_bswGUighIPvtQIAAACPUgAAAA1oAQcKAJSM_Jmk1O8KgYnTapihh2bRShctsh7ujCSPNV5MMBy7HvLtyjN5M6Ov-YrxprCFL2MzAk7FARBymiqEa6EQhh0vGcouVy7ptVc4BotXKFEWHTyX4Ym9muPtrmjZVneIr9P6ooD-66kCFYIPU6igEVLGlbT7EjElTKq_Tst250LCBfQcsj0iP-ROmSyMENICK5TTvTIpmQKGkNhnW8v_QwNgXthD8LfWp4fv-J0I9AK5fnGHeakDNUmbG8BlIg_BcDAZGIjl0Vyfqpl0jJ-rLUNABtc3lLk1E3hrsZ0vleGVDGbHUcBqte11fOJDxBEAQlo4UIKhjU7CXQgmWroOkvbUrA0i44Avr2dO-vowSvKrb4vvjg9tpLQ7_rtOECY_LycaEVn-_-FYiY-Z0MuxHlBilUUDMJKOLXxt1amUD62rROO7Z07Pk_MomPJvXy-Bf_wmrqIviS_uDMoPQdcS_EWfIoWN8Hk6_gPsc1rZTd-cgovd4wSywlqb_V-1Khv3wsNw7kEUr97ubUl4b_QNmI5l9lZv9XnMIAOTtAKd-bofq5gUc3p-BlOhG21doPT_RXi4n1QDctd-HwFPLKD0hswyQR-bpuwwE79M_cXkpEN6nRo7YpHw9QdLDPhD13aHQO6mGib5y76Rqlku2W5KPPwfXfp9gjQHtjhh37NkrMrB5QlH5vEag61p7Ksj4v_N8UvopbimvPu9jVgfIWhHmhH6I6nxDqb7aubAzkxz6ZFsjQN7__nijUaFc7UG8AsnSiyM5UN9Ss7Sc2pzuHnzKbGDc0VBWK04cGRjO9AkimCms62upivEIpuDO4kU2JAqPvgN2g62F1BodiX5lU8_I5j-u0xWj0-oy2LThRs0dAduOmO_FCUORi4cLd37wIqyndg-GYo4F4BPwPu0GYD4dLmNoOZik_cFGl7b3jPAZ8A13WZCb1-ibD6yCQMy33k-fJlY9Fc6rAMFbgksHvruyDY4ELiVCGcw2Cef5RMfVKvFd_kshQw0TD0wituEGpY8XYpF31FyJszQb6paAjs25KuItbte8XvQGkgjrXvFRA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame 8379 1 KB
2 KB 50ms
49ms Document
text/html 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.govinfosecurity.com
URL: https://www.govinfosecurity.com/attackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: 6b7bfe2b28ac8fbaf3e44588fc4d0575207e826d45647172fdbaa92de7ad6d8e

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.govinfosecurity.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ssi=59b6e270-e65c-49e2-a95d-e82779e7acfc#1627576053196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.govinfosecurity.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie: ssi=59b6e270-e65c-49e2-a95d-e82779e7acfc#1627576053196; Domain=.sitescout.com; Expires=Fri, 29-Jul-2022 16:27:33 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYyNzU3NjA1MzUyMiwiMiI6MTYyNzU3NjA1MzUyMiwiNCI6MTYyNzU3NjA1MzUyMiwiMzkiOjE2Mjc1NzYwNTM1MjIsIjciOjE2Mjc1NzYwNTM1MjJ9; Domain=.sitescout.com; Expires=Sat, 28-Aug-2021 16:27:33 GMT; Path=/; Secure; SameSite=None
content-type: text/html;charset=UTF-8
content-length: 1139
date: Thu, 29 Jul 2021 16:27:33 GMT
server: AC1.1

GET
H2 200 dabbb58b17f5118e
pixel.sitescout.com/up/ 43 B
417 B 52ms
51ms Image
image/gif 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.govinfosecurity.com%2Fattackers-rely-on-exotic-languages-for-malware-creation-a-17142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:32 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 8379
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=

42 B
958 B

64ms
62ms

Image
image/gif

52.49.107.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.107.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0c7f2393d.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eqG89GVnQtU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-0cc960d1b.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: kr/sswE6Qvg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 8379
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348

95 B
426 B

41ms
39ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:33 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
date: Thu, 29 Jul 2021 16:27:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadm.exelator.com/load/ Frame 8379 0
324 B 162ms
53ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 16:27:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 um
sync.teads.tv/ Frame 8379 23 B
287 B 134ms
57ms Image
image/gif 184.31.88.106
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=73&uid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-88-106.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:33 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 29 Jul 2021 16:27:33 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

GET
H2

200

tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/ Frame 8379
Redirect Chain

https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348

49 B
264 B

55ms
54ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.82
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:33 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=59b6e270-e65c-49e2-a95d-e82779e7acfc-6102d6f5-4348
cache-control: no-cache
x-server: 10.45.9.140
content-length: 0
expires: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B429 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6_UvOmVLE3haYigN5231JJKrt-R9lIp3dKo6mR4gcYus6eYS_a6l9G9aHEKsBQQREaoZ5hlJxiWqOXn6eaiD0-m8CsdRQRA-LtDInT73f1dLWxZjY&sig=Cg0ArKJSzN9fm_ZBGeI_EAE&id=lidar2&mcvt=1000&p=181,480,661,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210726&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1263608855&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627576050723&rpt=609&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.govinfosecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Jul 2021 16:27:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			live.rezync.com/	1970-01-20 00:25:28	Name: sd-session-id Value: .eJwVi0ELgjAYQP9KfGcP00BB6FBpEfStSyF6EZ2ztnKVm4gT_3vr9h68N0P54X1XKa4MxKYfuAfsJZxpiGdohP4OjoBFpK7CoPWZZJEKYfFAc63FW5Wi-Zer2lXU5mu0N1scU4MJEtwTktvtdM4OkiZ3U8jdkyaPDjsciwyni0wDlMx330ivp8HxBpblB7wTMiI.E-RodA.yvg-2iLjMnUxYiA5KRX82tbC6Lo
			.rezync.com/	1970-01-20 00:25:02	Name: zync-uuid Value: 767353da-0340-4c02-ac48-f0d48f2c0ec2:1627576052.27

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/160/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
a.disquscdn.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
bcp.crwdcntrl.net
c.disquscdn.com
cdn01.basis.net
cm.g.doubleclick.net
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
disqus.com
dpm.demdex.net
ejp.rlcdn.com
f3e6a9158a21d21127dcd302a7a41058.safeframe.googlesyndication.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
io.narrative.io
live.rezync.com
loadm.exelator.com
ml314.com
munchkin.marketo.net
nexus.ensighten.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
referrer.disqus.com
s7.addthis.com
securepubads.g.doubleclick.net
sjs.bizographics.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
v1.addthisedge.com
worker.ismgcorp.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.govinfosecurity.com
www.linkedin.com
z.moatads.com
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
104.130.251.6
108.174.10.14
13.224.96.52
142.250.184.226
151.101.12.134
151.101.12.64
151.101.14.49
151.101.192.134
172.217.16.130
178.79.242.16
18.197.253.20
184.30.24.121
184.31.88.106
185.33.220.241
193.0.160.129
2.18.233.88
2.18.235.40
23.45.104.85
2600:9000:2190:d200:6:8656:f5c0:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a02:26f0:6c00:2af::3adf
34.255.110.255
35.227.248.159
35.244.174.68
50.56.167.254
52.208.103.128
52.49.107.116
54.198.5.108
54.229.143.145
54.78.254.47
66.155.71.25
0113b7bde5eb001694045a1e4b6fb3bd42b81571c095a86c3531b9cf1e98bdfd
0220c3518bb225a027681eb6177b836b39b3f1551db537ede847796925b110f4
026c5db877da222d2316bf1197b8947a96c7623d51a4d462c91bf927dece3429
043845795a60c1ec61fb7f83e4565743139b4dda3f20ee1fa26d2f9f1fdc0bd6
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05cf16fa3a600d4f06e5a0738fa0c21c28726b5f989726e8afe1eee348a54d8d
06d32bacb149a5f695cdf265c8600ec7bd7ef806e74dc12858b9e9a40d3bc397
07d2e3bd017505f88698e8237afaaa73e8200ada50fd97185bfd72b22eacb3ec
0a9d3a538bb010e79a3e36585488bed047616f300611abf36d10b0d09d5aae64
0b3491b1ad7c0e78c7e513769f6f5a478b444e10a8df3ad8fc4c619fc68b1ff6
0bee57e2de6644c6b1d78c450389bfbaa4de968bb942ee7fb48b7df2d39b41e5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
103f0c87f489a78f7f05f034d5f01557af884885357417d1626102966d017bf0
126d16a8991aa8d1ed69b13e49f309951d6d6a85d6fb1b9d5692a4c3dfda17e1
1383f61e2a1adaa70a05a930807cd1011ff1f27995d349568d7e929a7dfc1d25
172dc1853d10592cdf7933b278509cda2dbff7882358f74b897e7ede7f5f79b8
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
17bd792b9177948d5256b32b74d9801898dd8bb86833811409ebd7d8288b6918
19f9682f95350f5a9f44af621ad8e643e3dc6e5caac267f897c391709563f9b6
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1a8a0efd95056cd93e3e2b69a128c0cab77cfd732c3905d7b06c57bb10374dd7
1a94ec3c882740b5520aa5125fa321ca407e6124c700a90a41c8fec34ce56138
1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e
20b553d235668204a66b9e68842ce9affd0fc856d239caee9e781bebf4b4d4b7
216e5c3467ffca143cc7de00e94c4a16aa028b6be7ad707a35d731b958c1796e
247d04c4d14c60a79c16245a74a792a662f9e7adf784d68edd4520a35ec90251
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
264c5659549d0b381b7cdf6299a76e82f865984e4b09782f3c2947787227d107
28365c29e5ecd2d05d951cbf8f94e6f7e2802e56f7105c748a5d6f573a04e713
2a7a2572c61c280414d3c640b8df2e58da6d51810b669ea8c06c82207bec26c7
2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51
2e77f857d645528c414c68e9b9b12580429bf3d8c915ab5b0dee368bbff79750
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
378e1773698b5938e8009e8a9b8986b924adb0c2e636188da39164210b4f7b03
389b6f6152fe56f3d23a71961348f6912562e810a6e1943fa0a41534cf22e51c
3c46767972a870d1442744261a73fdf737307800231b2d09e363a40372f691bb
3ccdbd448e726da8ccc935db4bcb95d904f8d1dcaa23d63475fd4bba5249c68e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
4211834953959b9f34f04ff5d7c66232a827c9a6e86a28d3ac87359d67b260fd
4314b315ef6c210a73499e7b3d52ae40675a3bd7e155832855117577f947880f
437f09cad118b977665bd32d3cfe448e946ff9c54f0246753f1979252474157f
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
44391ed08160fabba8e6680a1d197982535a6dc7d341e9e2683f3290b6be5b1f
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4e038124df0c30dc173fff44912f119f3318f93197f082bb98cddacd2e1e2e00
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
4f78bdcea170d447280c479ebaef5c8525ab171cdc918406db827f1f07fd6caa
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fff2d98a39f2a8bc97391481b68f50e5b19ffc9361c36325633ed4b194ace46
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
523f5196a2aff08aed1204bb2a4d3a8705dad3bae87e964d89464d827b715b30
5693b4857546df0ae967d1c0c392c146dc2cec9eb909d830df16120575a21e20
59b3977909a7c2bcc00e8a0d0a57eb71df8b242e9d00c73de601b0adee1b7759
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
615098ce6182b61506f5b1f56a90822fccff4ccf2127715074894ee4d9eb316c
6223b2c109c05820bf8c234dfa1b60e799a424c28480f455b965e10d3b1d8927
6278efa234b160faa6c393cedaf2bf813f7dcee8b61e61499bc2f0dc2831054d
6311d25f9e3c662ff21c595541d79908d20c613da012ec2448bd1df00fd4cd33
65073abdf7f60ea3781b2fa83a71f67fe9a62ea3dd46e2d61383496243fbc43b
69278fe35261286939e10f3832f461f9bf6addf267ffe0134e26be3d313dbd7d
6b7bfe2b28ac8fbaf3e44588fc4d0575207e826d45647172fdbaa92de7ad6d8e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d572ca0e284fe7cf080b76d1e94f9b37a5b5bc95b02e1ed0fc42765db83c673
6d746f76a0030d3a8f2159934f173eb66433e91bec4507a90d01b1e24d9db562
6e6e6a03e72a528c28884b50bf296425667f38dd0aaf1dd17ce89199ffc85271
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
75948ae6925f81864df2fe98620ba764c91b536e177e6efe810550966f9706c0
76a852b386ea5b109659b7ab8cb868776964805cf395e277fce009fd95acf8a0
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
79514142569a1d9b7625448a1a32c90aa95f468df252c3bbe69dce07a6e1294c
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
7cf9de703df302399230af4bec8005e4f79b0c7187863eef78f5b740942b1b70
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7ee596b76772ac1263c57b05c3d05329db5e875cbcec8e917047b5d221fbb1c3
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
8008e3fd85605a0c9134a124f1b189a3959d1276cad1078cdf71a3193add14e9
8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270
81fcc30623f9165f74d4f32b5aa2f382f14ef0d7e31273ce70037513dc6ea808
82278cf6922511881fe499fa75dbb036ee171da12bc061b1c5498f03f14d341b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d7caca28152596dd6372037924ed2932050e1b124671a8b17c8e9b0f4a495e
84c53683047ffcc4f5c2a4310dc7ddbccdd82bd022e8506492827f9e6af957da
8547b7d24b9032c021adadd0442a17daff20d350bdceaaff36189ed57bd27408
88a83e46f1ee21591f113b400d53776dfecf5fdae68cecedb55de80a06078c6f
897c7522965f4c1daf7181c1685acd97a69a8ff0bb049ce36ec52deeaee950a3
89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8be8aa8a565d001e59ddf64d4bde905c254d73de3a23c196ec0a06390e14a041
8db7ba46b7b41448bc97004217237b7e89feba9f171f6617e8ea091f3968feaf
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
941e0d685396a4d3aaa9fc1dfa0ae69f6e72fda2cd37f22b227c02b99eb9ca08
94b36a36e3a501e72ceecef512625cd7ccf586bbf4bb7eec5f1797280f865c59
95d751a305a7addde5ff21b84c84ad791f1d2af816885ff0b00b03da6a2dac3a
97f75771c2315ddb861efbf1448276c7502a29832eacea69fc87fbcb40e46003
99f0cea6d5bacd8feafc9573735ba60065ae4dd0a08b917046376e55747f3dca
99fa5a280296b5fc7b63433ee121a359fc68c4a37f04a87d363e751164b96ff1
9ac4755b23fca19625a9eb941fd5a704abb72d194bd442e838606237a7bf4285
9b17ef8136ff4490261985a5fa3797823003fa9b6215927406320ffc6dd0454f
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895
9d4cb85558f6e7ae6b1e6ba21e4e62615bc8b6d87e6ea6deb343a67937512f0c
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36db901b54b209706816e965c0aea6784b36db5256e233dd6798251c3b56dbb
a36e0ed9c26784d3e77e5688b055d1419247e748b87bc6295afd51feaa16d354
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4557b499d24fff14c8bf9510c1274f26a487043b97b367323134fde72088aab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ba536c913a797386c1d9243a9431d821639ef931ccf0ce344baf4edb7b8bfe
a919ea35c6c07a695efd9982b58807c2c46feb1d4438a69fc125215b311df5a1
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
afaa1d21b898b620f137781915565621fa6926dff02dcfa69bf9986ac4f2cba3
afe589efee16e4e0fac361657e77f458e40646e192447a97305a16b0d0cca468
affea135f6c0618a9056dd8976cf881522a5967cec71184adecc74299e76a6d9
b368f3616d7399dc2bafcd050ab4efe2fbed38128805e2bc0fda31bb57722958
b63391d0dda1c1833cb9ff52ae97bd9a547db83e228c92968f66431d1d31e187
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f
bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e
bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5
c15d7c72b50d4cad5e7a1fcbd75c78ded4c75eaf3ec382783a1903f88e6db1cf
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c47f11b814fc6f1e7dce6f7d94333aacc647cef2b6eaedeb273ca3a0fc662643
c6b49792885495c59727f16e625684256915a9ff99153362b79bdd0876623cee
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cada5637864008098963e6da662be4ca10da9f28604544f1f7ca64d7044f76b8
cbe43dc55d5f2ba122c9491e0fde758d380da483ba3381f30575263381b00347
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cdce62618fd2a106a9f7293bd0bc944409cca92a2cdbaa86889d188b70dfd412
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb87103f40756d26814cb4495c3fcd634c42b6994e19b8b27ce080a39e739b2
d03bb95aabd87262b4f1107d21adf0a9ab6f6249d2668c9b52370dab9fe3e41f
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d21f1993edf096a3ce726f6ace4e754c9e864658cc32095c4d760d06c083ca61
d51200edbbab41dcb94dc000f55bb92d8c61e7b36cd7af374a3842e1ca1c4c5b
d9d1a2acf40b9ec510c473f9a067237815e6174df3aef2bfb4a7c120ab39eb0e
dd247b49b92229fab7ace2c4e8922898b864cb40afb9f7a9ced373cbcaa2d2db
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe417d0a4b1572b16fdfe84bc72962bc26ab8121102e41e2b764887fe56ea8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd3496561d578b546c0bc39e94b64a825fcb9726da5b667099e75314565b8b
e3ecaedf89bef82e9cc1ef23caca08d267775a30a66a429c0ec359e059d61308
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8f857b173fda432ba225c5360dcf9207495fc50a608d41b8977654fa66fc003
e972dd2c1c5cac0aa072cab322c8e093faf062f9af19e045108b83ed34624652
e988625f007b2e96b5f5796e7ae0619f5348c319851ddffc668c216ff5583a70
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
eed95b442a60d4bae7404822c2b83e25a5f10f9d0d2d05281577e16b7ec317fd
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f240d586e74895b22de006060bba95e64133c30807cf62ef70dc915df82a9af8
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f33472fb0529099b682dcc4b94104ea70cec2d79d8ecca8875754a39a6d227ea
f8df7dd0e3baca655de170f3eebe91162e317583ae37a0ba7036743f3d8809f8
faf560bb91cc36ce7b530313cbf705ed6d3b8ea513b29fd32dbb28f97736ede9
fbb1b698bdf6749ea3198bd81ab122eed3d21845c360d7058fa051ce38891318
fc14416973416fc7d956f3ff46d497eb028979aafc83c6acc11f6b2ef0741446
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fe0f3362f3b560e6d9d975f7a0898cb216dac638534f73d313373908cb90548b
feb6a4829cc0a55f2fed1d3aaceb83b52e6823f15c649c5ef1c14a7e86e4988b
ff3064e909605a6115842bec12f707a6bf52a29eb99cdc615fb8960b8f0e722e

www.govinfosecurity.com Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

100 %HTTPS

39 %IPv6

36 Domains

60 Subdomains

41 IPs

6 Countries

11426 kBTransfer

18048 kBSize

2 Cookies

66 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.govinfosecurity.com Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

100 %
HTTPS

39 %
IPv6

36
Domains

60
Subdomains

41
IPs

6
Countries

11426 kB
Transfer

18048 kB
Size

2
Cookies

238 HTTP transactions
6 data transactions