www.scmagazine.com Open in urlscan Pro
2606:4700:20::681a:3d7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cra.omeclk.com/portal/wts/ugmcnr-d7faqokyh7smceBwfn66tlrnT4khpx1a&data=04
Effective URL:
https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{...
Submission: On April 08 via api (April 8th 2021, 12:50:24 am UTC) from US

Summary HTTP 172 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 24 domains to perform 172 HTTP transactions. The main IP is 2606:4700:20::681a:3d7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.scmagazine.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time www.scmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
32	2606:4700:20:... 2606:4700:20::681a:3d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	52.216.170.197 52.216.170.197	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 13	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	54.230.55.228 54.230.55.228	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2606:4700:20:... 2606:4700:20::681a:623	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.192.210.6 54.192.210.6	16509 (AMAZON-02) (AMAZON-02)
1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.229.100.58 3.229.100.58	14618 (AMAZON-AES) (AMAZON-AES)
1	3.225.125.221 3.225.125.221	14618 (AMAZON-AES) (AMAZON-AES)
4	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
12	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.220.38.27 34.220.38.27	16509 (AMAZON-02) (AMAZON-02)
1	52.30.2.3 52.30.2.3	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
172	36

1 205.162.42.171 (United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: omeclk.com

cra.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:3d7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scmagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.170.197 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.55.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-228.ham50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:623 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-34-220-38-27.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.210.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-6.ham50.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.229.100.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-100-58.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.125.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-125-221.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.165 (United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.220.38.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-220-38-27.us-west-2.compute.amazonaws.com

v4-api-34-220-38-27.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.2.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	scmagazine.com www.scmagazine.com	680 KB
29	googlesyndication.com 2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	332 KB
24	2mdn.net s0.2mdn.net	553 KB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	167 KB
12	omeda.com olytics.omeda.com oqs.omeda.com	78 KB
8	google.com adservice.google.com www.google.com	2 KB
7	google.de adservice.google.de www.google.de	3 KB
7	googletagservices.com www.googletagservices.com	192 KB
6	b2c.com 1 redirects api.b2c.com api-34-220-38-27.b2c.com v4-api-34-220-38-27.b2c.com	8 KB
5	gstatic.com fonts.gstatic.com	67 KB
5	google-analytics.com www.google-analytics.com	55 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	40 KB
3	adnxs.com 2 redirects ib.adnxs.com	4 KB
3	ml314.com ml314.com in.ml314.com	14 KB
3	amazonaws.com s3.amazonaws.com	2 MB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	linkedin.com px.ads.linkedin.com	561 B
1	licdn.com snap.licdn.com	2 KB
1	lytics.io c.lytics.io	676 B
1	crazyegg.com script.crazyegg.com
1	googletagmanager.com www.googletagmanager.com	52 KB
1	omeclk.com 1 redirects cra.omeclk.com	438 B
172	24

	Domain	Requested by
32	www.scmagazine.com	www.scmagazine.com
24	s0.2mdn.net	www.scmagazine.com s0.2mdn.net
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.scmagazine.com tpc.googlesyndication.com
13	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.scmagazine.com
12	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	olytics.omeda.com	www.scmagazine.com olytics.omeda.com
7	www.googletagservices.com	www.scmagazine.com securepubads.g.doubleclick.net olytics.omeda.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	api-34-220-38-27.b2c.com	1 redirects www.scmagazine.com api-34-220-38-27.b2c.com
4	oqs.omeda.com	olytics.omeda.com
3	ade.googlesyndication.com
3	googleads4.g.doubleclick.net	www.scmagazine.com
3	a.dpmsrv.com	www.scmagazine.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects
3	www.google.com	www.scmagazine.com securepubads.g.doubleclick.net
3	s3.amazonaws.com	www.scmagazine.com
2	www.google.de	www.scmagazine.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	ml314.com	www.scmagazine.com ml314.com
2	fonts.googleapis.com	www.scmagazine.com
1	insight.adsrvr.org	js.adsrvr.org
1	v4-api-34-220-38-27.b2c.com
1	idsync.rlcdn.com	www.scmagazine.com
1	cm.g.doubleclick.net	1 redirects
1	in.ml314.com	ml314.com
1	px.ads.linkedin.com	www.scmagazine.com
1	s.dpmsrv.com	www.scmagazine.com
1	api.b2c.com	www.googletagmanager.com
1	snap.licdn.com	www.scmagazine.com
1	js.adsrvr.org	www.googletagmanager.com
1	2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.lytics.io	www.scmagazine.com
1	script.crazyegg.com	www.googletagmanager.com
1	www.googletagmanager.com	www.scmagazine.com
1	cra.omeclk.com	1 redirects
172	38

This site contains links to these domains. Also see Links.

Domain
www.parsintl.com
infosecworldusa.com
www.risksecconference.com
www.scmagazineuk.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
cyberrisk.dragonforms.com
events.cyberriskalliance.com
scawards.secure-platform.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2020-07-31` - `2021-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.b2c.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Frame ID: 5234A77268CE06E92F4C4CE027F5FD71
Requests: 107 HTTP requests in this frame

Frame: data://truncated
Frame ID: EF38FEE6EE27117053FF364CCB52FCBA
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&upid=e4qkh98&upv=1.1.0
Frame ID: 84EFB1D4C9CAD4D1335620AF8ADACBE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D3D58022FFEA6B6A15741BBF79569F9E
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2cfXJnSF3P7qbNL7fL9WBIKW-TAMKpd3oRSWJXO0OrTw8i6ria9BS0IZN9VQVI0RN7YU_paLOxM5hcgbraglBvxKQiQr81nzPqJwf-zv0fR_9O2XJBYg8MAST2XbAqzEi719xbGpHtiLX0GRb4fzrB6uyHsrS4ZexRAer3k5bH4ao2tLyHAHhJoJvTvn4q8SWV1RdJXhxjitk_w5x9Gst3cCRPExdgKY2nl9WoswpgdLcqTLAA0_cxMFRzmKm7ajXoDuS7xnL0gdSky955uYaMYsLuRsRVapYKbZ7gU2akjnzVfB0KhZlLMd7INovzL1-JT6Q9-R8Vnx7vBM5XIFWDhkPRmT1SMvp0sOPg-IFxIMtMxHhvDkf8b4WcQ&sig=Cg0ArKJSzILF50N6QOGNEAE&urlfix=1&adurl=
Frame ID: 15E54048E29EA2D37E8F249F7770D95A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5BC0A3BBF92460A0BEE9BDCA99019D6D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
Frame ID: 1041D68DC71BDE441728768EC223EC66
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6YDtg3vW-Fv7vJRp3NgEOdEc1kPrTiyoC8eQRMTe4xdOYvGhQHBd0XgMM59y1ryJnHiDbe02VKxuSqxltjWKRh4QJlC8BSpeBBoM-WesE1pdMJbGANbGj5Q-LPaZupxuF2CLxexHOAitm2nP6OLVR4TuGxTV5DKwXIDiqdu1VtIX4XrKyqi8vDhuoWeRO0-AoQT75hcINngLdIJIyXkrdUynsqLLK5sU0-Cxg6yxz3CHgDECyDkf62fV3EmwFxSXh91QSfEBlKxObveMKbm0QiPvpaRV6hpiHO4-1tvF2Nohl&sig=Cg0ArKJSzF_qoYxTDTPJEAE&adurl=
Frame ID: 1CBB43F2D8A5F5FE6045DF26EBD34ECC
Requests: 8 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvp2BRC0h8UgZlHrsvg0qECbtKheP1T5nt72y_ykerEG9hUWlxPG7forSWdAGW9XlTAKSYedc7rLU7wWcSvcWgd74QPJA5HRW--vEgycodgXC4nmdINFgmUlPu-JDCwpDUGFvgkzH7p7DjNDtO4orYlLA_GteUoBMYob8D6eFYlbAxVddil-vv0wpib5iEcJFLsYCnaSMmbc3wPbDgx9l5oKcms-5ud941LJaefAwJmHJIgLZHrv3gF6Gnr-465R6hhchSSXYJ0zMdzphLtHtw-zZXLHS49YA-9ZCrkFKz7vQpbQ1e2pek6vXjznRGdud_KYy5bFUBIwPUnTld7HTOp1a-zJMC5Al0naA&sai=AMfl-YTjFaUn8EgE02w4EX8X_gGLXHMkvFVMJGRcj1GU4pRdjfsREy2TayTi846z5dn7cVPQ0xlD7vzdTyWC8q3AxsiVNOYDPfZbFUmwPvuDZNFuepBR0UJy7xhTsfD9bbI&sig=Cg0ArKJSzKHKagAelV3GEAE&urlfix=1&adurl=
Frame ID: 374BD57A4AD4016DF1579776C9CB75E4
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EFFE13CCB735660CDF07DD08AC1398BB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
Frame ID: FED1E8D720D2EE408CF9D624280ED469
Requests: 7 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspI-bx8aDH0IQUWTO_Mkox6_vbhzG65HiYHthY4BEYl_gm_mjoKoNzzam6jgUiEyhqVtlr4d-yLGuCzhCXeZGSiKc76eaaqYkTz4-jNIgYRcRWZPyax6xIJgLcZX59nyrot0OMLqV81J1weWr5hIxgV0Bb-NG12IQwqISPsie0l4qdTO_2BjNRBqwyq3L9EkG0nof8Yf9N53y4l8yTc3HS_S1XTKWniGKfwrGqRh2DRj80hAYI5Mo1b7NpvRmJCLVbfTv667QPsC8opjSuxYM61sBS0D57WeMrktT-PkrLItlw5CLuAIChDe3BwdXe5d_bkEswxol5212Rc1lL4vwPNg0MpntnR6ipWNI93Qis6LI5IPe0BY_R&sig=Cg0ArKJSzFL_8pwOPBM1EAE&urlfix=1&adurl=
Frame ID: 816B19BAA86CCB4B7C0D73EDFA79CAA6
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD0BD08D2BF1659F7A39E21C04BCD28C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
Frame ID: 2B7233EE2DFB8C63FAE116A323BABC02
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cra.omeclk.com/portal/wts/ugmcnr-d7faqokyh7smceBwfn66tlrnT4khpx1a&data=04 HTTP 302
https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campa... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

172
Requests

100 %
HTTPS

57 %
IPv6

24
Domains

38
Subdomains

36
IPs

5
Countries

3901 kB
Transfer

6860 kB
Size

10
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.parsintl.com/publication/sc/
Title: Licensing & Product Reviews

Search URL Search Domain Scan URL

URL: http://infosecworldusa.com/
Title: InfoSec World

Search URL Search Domain Scan URL

URL: https://www.risksecconference.com/
Title: RiskSec

Search URL Search Domain Scan URL

URL: https://www.scmagazineuk.com/
Title: SC UK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SCMag/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/scmagazine
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/scmediaus/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SCMagazineUS
Title:

Search URL Search Domain Scan URL

URL: https://cyberrisk.dragonforms.com/loading.do?omedasite=SCM_newsletter
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://events.cyberriskalliance.com/risksec-2020
Title: RiskSec Conference

Search URL Search Domain Scan URL

URL: https://scawards.secure-platform.com/a/organizations/main/home
Title: SC Awards

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu1DiqoKJMjrIasMYGyW77ayDZN8t8tCHWH7wObgvh9JxVJ0Xcvpb1YJgLfy31Jp_HgD-RO6EwvLymn8QsYNb_or6_1t6Mx-K9WfxeNjwH7I_jdRpFTNrGbkuxfRa6tTiqnxXp360jGkWavCag23umY1AwYN4ENtxuiHyLWCFfXgpI9tPdwXArEFebNYa_sPYeC2nMQujaDQxif6v_lt-5tMd_J2_Vn3d-zs7PcSs2A3LE1_tuiD4n5IyahxI0eu3InTFYo0g9m-kq2NEsj699zGL0VxzVg58E4hcAtI-8qVGY&sai=AMfl-YSOsoix2sr6BC5zYO4nFSIpfv10-t_oxvlEuSm89l5jLn5TZXErab--PRULbq1vkn6PfVYFwyDF_8LX_2X3Qg02x3HwOK7fIlMxezaoSBIR2PQt3u2aquPPkl4bvMM&sig=Cg0ArKJSzJZJG9K13TiVEAE&urlfix=1&adurl=https://www.scmagazine.com/webcast/ransomware-critical-components-of-an-incident-response-playbook-and-more/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cra.omeclk.com/portal/wts/ugmcnr-d7faqokyh7smceBwfn66tlrnT4khpx1a&data=04 HTTP 302
https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslM9gwgisTAWoyQch81N4dGLVUvyLRDueUwn6rV0zpv9z4RcNdrvbFi8Iy28o7sA8FK-X65gJkR5WD1YaWc8S3Y450HrRlkY01HcKtHxkA0lCJitsHQ2XK0czNPQqjO0ivTj2D8zm2nNSStXtNlG5OUrF2QvgwDpgzHzhpUqr9ce4J4SNQAXKK1nwixlUHPB_PxPmW8bA1OdjxNDlf3pLunSk75fzlyJDmaWKGg1sPj-oOKHZNTlrvMlq1YHZnXrTf-FE3wFm95U4HDifRB9Ip7WUOGwHlR_fWMya21DXWa2XB5ysFn8XtP-lK_fLCLJ6t4YDHj2KL2UyndW7qnmcEualK&sai=AMfl-YRTpGnl9anI4h0XSnyQR4NeDNrMZwkBx5k9XEC28ZgB0wRWCvhg2uQSnhGYywQKwvWZxwx2fntB7ypCjg4-zhKmyrWF0eyxrMd7U3JUXI-HQKCphdXS9TgyipgFZac&sig=Cg0ArKJSzIRj87yAcYGxEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/4504971556335818773? HTTP 302
https://tpc.googlesyndication.com/simgad/4504971556335818773

Request Chain 69

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D216887%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fhome%252Fsecurity-news%252Fmalware%252F%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DSCUS_Newswire_%257B%257B%252527now%252527%257Cdate%253A%252527%2525Y%2525m%2525d%252527%257D%257D%2526hmSubId%253D%257B%257Bcontact.cms_id_encrypted%257D%257D%2526email_hash%253D%257B%257Bcontact.email%257Cmd5%257D%257D%2526oly_enc_id%253D7021H2676790F4R&_=1617843004157 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D216887%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.scmagazine.com%25252Fhome%25252Fsecurity-news%25252Fmalware%25252F%25253Futm_source%25253Dnewsletter%252526utm_medium%25253Demail%252526utm_campaign%25253DSCUS_Newswire_%25257B%25257B%25252527now%25252527%25257Cdate%25253A%25252527%252525Y%252525m%252525d%25252527%25257D%25257D%252526hmSubId%25253D%25257B%25257Bcontact.cms_id_encrypted%25257D%25257D%252526email_hash%25253D%25257B%25257Bcontact.email%25257Cmd5%25257D%25257D%252526oly_enc_id%25253D7021H2676790F4R%26_%3D1617843004157 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=5968168323394852307&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=216887&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&_=1617843004157

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158&google_gid=CAESEGdhSO7zfbUOXzxuZ2baCjs&google_cver=1

Request Chain 82

https://api-34-220-38-27.b2c.com/api/x?NlOaPr0KhN3h84ay$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL21hbHdhcmUvP3V0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jYW1wYWlnbj1TQ1VTX05ld3N3aXJlX3t7JTI3bm93JTI3fGRhdGU6JTI3JVklbSVkJTI3fX0maG1TdWJJZD17e2NvbnRhY3QuY21zX2lkX2VuY3J5cHRlZH19JmVtYWlsX2hhc2g9e3tjb250YWN0LmVtYWlsfG1kNX19Jm9seV9lbmNfaWQ9NzAyMUgyNjc2NzkwRjRSIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkRXJyb3I6IFR5cGVFcnJvcjogQ2Fubm90IHJlYWQgcHJvcGVydHkgJ3NldEl0ZW0nIG9mIG51bGwiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQxMiIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJExpbnV4IHg4Nl82NCIsInByb2R1Y3QkMSRHZWNrbyIsInByb2R1Y3RTdWIkMSQyMDAzMDEwNyIsInNlbmRCZWFjb24kMSQxIiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDEkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMSQiLCJmb250cmVuZGVyJDgkMSIsIndlYmdsJDkkbi9hIiwidGltZSQ5JDE2MTc4NDMwMDQ0NzgiLCJ0aW1lem9uZSQ5JC0xMjAiLCJwbHVnaW5zJDkkTm9uZSIsIm1lbS10b3RhbEpTSGVhcFNpemUkOSQxMy40IiwibWVtLXVzZWRKU0hlYXBTaXplJDkkMTEuOSIsIm1lbS1qc0hlYXBTaXplTGltaXQkOSQzNzYwIiwidGltZS1mZXRjaFN0YXJ0JDkkNjY5IiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ5JDY2OSIsInRpbWUtZG9tYWluTG9va3VwRW5kJDkkNjcwIiwidGltZS1jb25uZWN0U3RhcnQkOSQ2NzAiLCJ0aW1lLWNvbm5lY3RFbmQkOSQ2ODUiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQ5JDY3NiIsInRpbWUtcmVxdWVzdFN0YXJ0JDkkNjg1IiwidGltZS1yZXNwb25zZVN0YXJ0JDkkMTA3MyIsInRpbWUtcmVzcG9uc2VFbmQkOSQxMDc3IiwidGltZS1kb21Mb2FkaW5nJDkkMTA3NiIsInRpbWUtZG9tSW50ZXJhY3RpdmUkOSQxOTMxIiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDEwJDAiLCJuYXZpZ2F0aW9uLXR5cGUkMTAkbmF2aWdhdGUiLCJnbG9iYWxzLXRpbWUkMTYkMC41NiIsImdsb2JhbHMkMTYkMTNhYmNkMWYiLCJkb2N1bWVudC10aW1lJDIwJDAuNzA1IiwiZG9jdW1lbnQkMjEkNjE4OGMzZjAiLCJjb25uZWN0aW9uJDIxJCIsImRvd25saW5rTWF4JDIxJCIsImdldFVzZXJNZWRpYSQyMSQyIiwiY2xvY2skMjYkMzI2OCIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMjkkcHJvbXB0IiwiYmF0dGVyeSQyOSQxIDEgMCBJbmZpbml0eSIsImludGVyc2VjdGlvbi1zaXplJDI5JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQyOSQzNyIsImF1ZGlvY29udGV4dCQzMCRmN2U3MTJkOSIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQzMCRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQzMCRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkMzAkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkMzAkcHJvbXB0Iiwic29ydCQ2MCQxMi42OSIsImZyYW1lcmF0ZSQxMzUkOTA~ HTTP 302
https://v4-api-34-220-38-27.b2c.com:444/api/4?NlOaPr0KhN3h84ay

172 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.scmagazine.com/home/security-news/malware/
Redirect Chain

https://cra.omeclk.com/portal/wts/ugmcnr-d7faqokyh7smceBwfn66tlrnT4khpx1a&data=04
https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_h...

94 KB
18 KB

404ms
388ms

Document
text/html

2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

7bc21d6c6f430eeac549aa0e701bd5d3568d844dd514b86b7e44a28728fa59b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.scmagazine.com
:scheme: https
:path: /home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da6a507fbc995499d4b491218c3ee92891617843002; expires=Sat, 08-May-21 00:50:02 GMT; path=/; domain=.scmagazine.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie,X-WPENGINE-SEGMENT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-frame-options: SAMEORIGIN
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" <https://www.scmagazine.com/wp-json/wp/v2/categories/520>; rel="alternate"; type="application/json"
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 09508e357900004a91122de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0n8tDXCvPgUbULD1ayAS8eP1HovUzf34gay%2BlXzqalfrg30Tb%2FeISg%2B9f92CVQsto0h%2BXAQfoLKVCYYCQes7KeUn7cMIEwwdjAqiC6ZO4k6ke4XRuLfhFx9iUldhVGQ%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 63c77fcf2cc74a91-FRA
content-encoding: br

Redirect headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Location: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{'now'|date:'%Y%m%d'}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Content-Length: 0
Date: Thu, 08 Apr 2021 02:50:02 CEST
Server: Apache

GET
H2 200 style.min.css
www.scmagazine.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 18ms
14ms Stylesheet
text/css 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859583
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370800004a91ac1c1000000001
last-modified: Wed, 17 Mar 2021 12:11:33 GMT
server: cloudflare
etag: W/"6051f1f5-e358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7ASfpw9JGJ7ATUXKy5OI8vs4g9TSpEXL8jfCzgIvaWTBSaY2TRaFR1HQUoQ4U5rwjEvO3d3Y12tapY6giLcYkLjM40vKBW%2Fsmi%2BzZFX455X3jkEzgj0nupUkAszb%2B4%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aed84a91-FRA

GET
H2 200 blocks.style.build.css
www.scmagazine.com/wp-content/plugins/cra-block-webcast-speaker/dist/ 749 B
576 B 15ms
12ms Stylesheet
text/css 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/cra-block-webcast-speaker/dist/blocks.style.build.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca37bf1c015f6ec3fe5202b335909d309c3f599e98f29810c1fff90451fb1fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7921804
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370800004a91b00a9000000001
last-modified: Wed, 06 Jan 2021 08:11:45 GMT
server: cloudflare
etag: W/"5ff570c1-2ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wNI3OTX%2FMFspKrhLDYXxI%2B76DlV5XONjDe9uRijNKdN5Azw5BDnlDjQPHuRMjMG1XWCIOZHR2gS5f%2BvnuYlLuFkAnhuQl%2FAlo05nqZPYux5n2Jq8BXPnVNDg78otyXs%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aed94a91-FRA

GET
H2 200 shared-style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 48 KB
6 KB 17ms
13ms Stylesheet
text/css 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c14a8290acb46be64049515cd5e3f390cfc0b024ed8315ec7e103bb31d0080b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370800004a91d638a000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-c073"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RvF%2FJzSbUUX4dE94lTcRCVqgC37uRIF5YZ8qBhkgaNd1Kb3WLWnkFvZDhFnpVnNibmArew4r4UUtwSFp9wcYqxVpKukA9ai5VEg6QX6BRqgbWSPIxFxsVWtLhSVMebE%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aeda4a91-FRA

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 669ms
111ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css?ver=1.0.4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 22 Nov 2020 17:38:02 GMT
Server: Apache
ETag: W/"28730-1606066682000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 08 Apr 2021 06:50:03 GMT

GET
H2 200 style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 280 KB
32 KB 26ms
23ms Stylesheet
text/css 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1616607554

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1d4467ce25ac23eb090a623e648c0b760890aa9b29e12cf6a7bb6fb2143385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1235380
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370c00004a91d638b000000001
last-modified: Wed, 24 Mar 2021 17:39:14 GMT
server: cloudflare
etag: W/"605b7942-45f93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ZjVFguNZppvmrdwj2Q9IMG04yzI4ateoIeA%2FtVKmo6885IaE%2B0gxhmSITihRGHTrvXe8V61qGkxWvURO9BNd2oSkbWYfW8kjP8okZQFP73wsk2QNTZCG3Fo5ow%2B%2Fu4%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aedb4a91-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 37ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

562749f8851c63a8f36e88e1c3b3732576b38123bda924087b01f7ff53815c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 00:50:03 GMT
server: ESF
date: Thu, 08 Apr 2021 00:50:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 00:50:03 GMT

GET
H2 200 lytics.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 37 KB
3 KB 16ms
13ms Stylesheet
text/css 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/lytics.min.css?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370900004a91c3b00000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-95f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QYBNznKPI9e%2FWHUgFnnug5b3Hu85kO5mPLIn4pro1lfw0FI1ryQiIDZX9GZQvbJIVghhN8Ao99H6F7Q11qnlKUjBvCt3I%2BgoJ2AzjTLLWQRo%2FrFnChHe7v%2FnGdC6i0E%3D"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aedc4a91-FRA

GET
H2 200 css
fonts.googleapis.com/ 702 B
438 B 44ms
23ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b34b5f8c62763df4b14ac8364ae7022cfc2389be4a115bfd5a2cb5506ce41b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 00:08:24 GMT
server: ESF
date: Thu, 08 Apr 2021 00:50:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 00:50:03 GMT

GET
H2 200 jquery.min.js Show response
www.scmagazine.com/wp-includes/js/jquery/ 87 KB
30 KB 19ms
16ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6769723
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370900004a91ff9e1000000001
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oKSe4x3tNR8t9zySZnoIVa%2BVpWjFrQIl8lpH7y87c2tE%2FkiNqWucqkM%2FIkmimIJ5Cic6mcBl4Jmsry3HwNP4%2BpxPOYPDRoYW5XZCADV2upuOc8SCMnfAyuFGi5ZMW18%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aedd4a91-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.scmagazine.com/wp-includes/js/jquery/ 11 KB
4 KB 14ms
11ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6769723
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370900004a91f7be4000000001
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
etag: W/"5fb63b61-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kYqJQayunlgEG6EaHBK1sKQJmRvVx1dwf5MtsY9s%2FgCaaMfxhz3Cnn0mJFviaG1OV8vrAZn6Aei1oukxj6FB0FCCIq3Wx5G%2BGYPpT%2F9mhuQWfywS%2Fa5MjGgYi3%2BTRLA%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aede4a91-FRA

GET
H2 200 cookie.min.js Show response
www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/ 2 KB
1 KB 14ms
12ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 13284280
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370900004a91c3153000000001
last-modified: Tue, 17 Dec 2019 09:37:13 GMT
server: cloudflare
etag: W/"5df8a1c9-834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1marWYkgCgYo%2FOmyIsgQLcT4XdqnQYJRLzkMAJA4w87NPutQ%2Bslt9gLugnDrgvkmURaiJ%2Bq0ds3B34nOAU1JZCvLKN7azegtk4Plk9%2Buwe3fn1AabeE7G0DhRwNym%2Bc%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aedf4a91-FRA

GET
H2 200 hm-olytics-beacon.js Show response
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 1 KB
789 B 14ms
12ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859786
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370a00004a91b297a000000001
last-modified: Thu, 25 Feb 2021 10:43:38 GMT
server: cloudflare
etag: W/"60377f5a-421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9fXaFN%2B6Hl16LqEwxgKRwt5N2VN9L2KVv6CYS7CiD89PLB7Riwcjbi3WzbLdWSLMfEfkZU54ggecEgNWWwlzqx6a8VBf00Da0cVMNUnuHwfK%2BnsrNqEPJYsX%2BL7hOlE%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aee04a91-FRA

GET
H2 200 UtilityMove-custom.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370a00004a912638c000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-751"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SR9LwX0Q2S8VNdh3WuE7Q6BVyskSbPl0WuCLdooj%2F%2BeM9%2BrKnrx%2FmF%2BQMT%2BiCu2RMMX%2BCroAdJl0Vie8R6q7br0YZ0xSZN%2FWaXaJ8xwaGCDbIVV9IafEhtOmCMNSChg%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aee14a91-FRA

GET
H2 200 polyfill.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/ 102 KB
33 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370a00004a91c623c000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-19873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mCH1DpKX2Wro3YZk7xoS8%2B%2Fh9ADe8%2BiE4%2FYfTyXqLaKmMYeiNoEIVXxxkOVlG%2B4T2gveiuXBrKZe8j5pbCHs79897WWiYNpIYixDfTg%2BvtXIs80z3Zj9anY67vQd0AE%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aee24a91-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 59 KB
20 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6066d8c876b59b80bc647daa6594495af6a89e4eb9b4bf19095af605992c7a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "836 / 906 of 1000 / last-modified: 1617833820"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20280
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:03 GMT

GET
H2 200 head.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 43 KB
12 KB 15ms
14ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/head.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9bcb1cc2cb1d0cf031ef290b4df3594eb3e4486db13dfcf1f74c3e2a3e7460

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e370a00004a91bbb0c000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-ac71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=acLOnNPIpKTIcxxYnaUl3PWKFxjag2jv%2FuQvX3Akt%2BzyvaPp4FnT4SV9lVLSUdW7b%2F7rtH37k4byZKd0wNKBdRaYrhv8rA0uRoSTvrsul1ME5ajo%2Bl1Vt0Y61nGMqwQ%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1aee34a91-FRA

GET
H2 200 SC_Logo_Master_Brand.png
www.scmagazine.com/wp-content/uploads/2021/03/ 7 KB
8 KB 11ms
11ms Image
image/webp 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/03/SC_Logo_Master_Brand.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66b3b8c27a5ece43822021188862fb58cb9c0f52a41067c295aef2fb1e109a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19253
cf-polished: origFmt=png, origSize=8498
content-disposition: inline; filename="SC_Logo_Master_Brand.webp"
vary: Accept
content-length: 7260
cf-request-id: 09508e37b200004a91f900b000000001
last-modified: Tue, 30 Mar 2021 08:20:42 GMT
server: cloudflare
etag: "6062df5a-2132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hm%2BzPILJzeyH7KtZGJX0Zs%2F5RSWCF1un5DJlnfjg21e3SkxDepzVTPjnJWvZs3mV1iD6Z2WGq1BsR2qFWSwKOB5P0sQgObEIhpjveOqgucGKEr0sovvAPJOGo5HYzFo%3D"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd2bfcf4a91-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
52 KB 41ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f679adf338068d59b924bb8dce6b4896e642e8b1966cc97e63c040003115e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53155
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Apr 2021 00:50:03 GMT

GET
H2 200 spinner.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/ 694 B
736 B 13ms
13ms Image
image/svg+xml 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11233404
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e37f600004a91b5a4d000000001
last-modified: Tue, 17 Dec 2019 09:37:16 GMT
server: cloudflare
etag: W/"5df8a1cc-2b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GAc%2F%2BjaVp9lrzjY1VU1SL5lhOZq7aMTJpukp690vmS5fja8tPMV1Oo9%2BLOiUqxHgjscPWmUpDFUiOWV8vgiaa5Dyh%2BqRvKDiivhxHBuwlxd9Zbo0GklcFJ4VHShaloE%3D"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd328304a91-FRA

GET
H2 200 blocks.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afd4d6b0313d25f689ed18a3ead599ce543f82035f33dda56ca529a0d7981f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592518
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e373300004a91d083e000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-1fb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=59CIGaJqbnL8bc0hW9S2IJI9V3zJkczaQY4k1DEVWekvqxLNMxFjQloUmvRZ2njrRoYrk%2FVoou5NDr%2BdpGyhS96%2FQLyfAQBRS%2Bour131OqmONbvivEMkLiEv5DYWmi8%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd1ef144a91-FRA

GET
H2 200 hm-olytics-page-tag.js Show response
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 239 B
615 B 13ms
13ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-page-tag.js?ver=1.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c4e5ffb84f98caaa33a1ccdfe81fe0a6d76c025cebf712fbcd3199e28f0031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859786
vary: Accept-Encoding, Accept-Encoding
cf-request-id: 09508e380800004a9122011000000001
last-modified: Wed, 17 Mar 2021 12:11:33 GMT
server: cloudflare
etag: W/"6051f1f5-ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bm0lHCS3XAsnVzgoA6FbKfXviQ3SJo4PbRbEFv2abWfV%2FXK6PYgooyYj5lpQPeFVQOerfILEgGwAeclQgTdtijYJS3jh%2FmmnRaCDHlO1Y1kWDRrRbM8CwDXYDfyCrpU%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd3484a4a91-FRA

GET
H/1.1 200
OK hmi-registration-ui.manifest.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 870 B
1 KB 431ms
122ms Script
application/javascript 52.216.170.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.170.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e8095cad5b71456e02e88835892814dba44009f6403b5a84416db008e5d357f

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:04 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: BZ698DQZ675YWEC8
ETag: "da9d29c4843b0bac5dd6ef34da93b22e"
Content-Type: application/javascript
x-amz-version-id: lBVwAglHDmp6fLxZy4fz12pXZDZUxHyZ
Accept-Ranges: bytes
Content-Length: 870
x-amz-id-2: pHopfbAG+cKpARzM4oN51LZR/URsVW7qXqfACo4mkqu51Og/0DmtpqyXwI/Ur7t+b1asdUY+G14=

GET
H/1.1 200
OK hmi-registration-ui.vendor.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 357 KB
357 KB 151ms
119ms Script
application/javascript 52.216.170.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.170.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e1c678764d16a66f783dfd8bee93916cf2b055635cef0362bc0640b610df5b5

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:04 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: BZ6F1RN0PQBNMEYB
ETag: "3d50e45eac853d7ff5898c6e8355f1cb"
Content-Type: application/javascript
x-amz-version-id: wulLLPFCPRcEdDRYL1_1QW.A2D.Je67N
Accept-Ranges: bytes
Content-Length: 365126
x-amz-id-2: fuQhNoYWRPyWqROZ9Wk7STeRJO4p87KQXNipBWEba72AnfpTevecPnFsopA9fmayfGKWlNNbKmg=

GET
H/1.1 200
OK hmi-registration-ui.bundle.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 1 MB
1 MB 384ms
118ms Script
application/javascript 52.216.170.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.170.197 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f8c3bc6b4612e018296f32dec014b0e8d4c8ef0c7ff449f26a28b641d3497da1

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:05 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: 9TXG9K912PYFCPYB
ETag: "7f48d5418252c54a9baf9ce1a74980be"
Content-Type: application/javascript
x-amz-version-id: P5VRJucwn2qmvNWevdaMGPbAlXCLHFuw
Accept-Ranges: bytes
Content-Length: 1322506
x-amz-id-2: dGohnkcoP+6cb8uczfaImu8tX1mH9PD+l4ULmXbJItAfHzOQjeXcx8iSeXEHDeA2PKuNf2eQfIk=

GET
H2 200 frontend.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 139 KB
34 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2822d278051ae981b2652bb06e8b3fe430ba1d5f803ae07c9a0580e6a7588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592517
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e374400004a91b5a46000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-22c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XGiIB85HnQsoRIJP77vzGgiXu%2Fr5cmA7mKhx9by5Skw0rRsmJc33ECYpyGLO%2B7Rby2ndgpfUsOq0q9rb%2Fv%2F%2B%2B4Ai3JeMo1KGxmUaXjZbyEKu8KfRrVTA%2Bq9HXT9OaWU%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd20f244a91-FRA

GET
H2 200 iab.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 8 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d0b1a9de0c9552e3fa4072ae4007a3a98a1855fc2736dd46dacaf121441eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592517
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e375d00004a91e9050000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4lxkhH%2B5v8xpRPcOfBUoOZVVAITj50FUywx5l2T02n8Z5g%2FVWOXHZPG423cMSiKLk9obBgdr5fwtJ9VQokTKgPAQF%2BmMgvg3tgsBfkdHm%2BWZDVTb%2FBHMXxz6qJp6GPM%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd22f534a91-FRA

GET
H2 200 wp-embed.min.js Show response
www.scmagazine.com/wp-includes/js/ 1 KB
997 B 28ms
28ms Script
application/javascript 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/wp-embed.min.js?ver=5.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1859786
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e376b00004a9105865000000001
last-modified: Tue, 09 Mar 2021 08:28:27 GMT
server: cloudflare
etag: W/"604731ab-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hU%2F2hEJnJxdkznNMgg3vNACc7UVFqhXrMJxJ6GVppjIYJAtStRXE8PHFAI5fGgZif7tQhVH3MAhorSK%2B5he4foj34YWEzvnbT2XlsF62UxC83dfp8G60ARV5OtN6Df4%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd24f6d4a91-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4034
date: Wed, 07 Apr 2021 23:42:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 08 Apr 2021 01:42:49 GMT

GET
H2 410 7341.js
script.crazyegg.com/pages/scripts/0034/ 0
0 30ms
13ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0034/7341.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Apr 2021 19:11:17 GMT
server: cloudflare
age: 20326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 63c77fd61dc4324c-FRA
content-length: 0
cf-request-id: 09508e39d20000324c51069000000001

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 271 KB
73 KB 114ms
114ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Feb 2021 23:44:02 GMT
Server: Apache
ETag: W/"277271-1614123842000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 08 Apr 2021 06:50:03 GMT

GET
H2 200 src.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/ 33 KB
9 KB 15ms
14ms Other
image/svg+xml 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3592517
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 09508e39c400004a91bbb25000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-8317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j7uJmVpTeGde6thFyQpsxOmW2%2BXsefJbZbgKUBEDpp1RitZ4rS4ucWouSy1O1ip%2BDSJFWj7AUQ0174wtZxvpabRYheq5CyUze9N8jUtoI1CubDxegB4P0j8Dd32fq1k%3D"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 63c77fd60a7b4a91-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 26ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 485186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 pubads_impl_2021040101.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
101 KB 44ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 08:39:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103004
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:03 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 12 KB
12 KB 16ms
12ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:07:03 GMT
server: sffe
age: 485186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12356
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v9/ 11 KB
12 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v9/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 14:36:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:52 GMT
server: sffe
age: 555187
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11720
x-xss-protection: 0
expires: Fri, 01 Apr 2022 14:36:56 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 13 KB
14 KB 18ms
13ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:37 GMT
server: sffe
age: 485186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13780
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 33ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,400i,700,700i|Open+Sans:400,400i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 485186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 Golova_01-WM-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/04/ 56 KB
56 KB 14ms
11ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/04/Golova_01-WM-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743c2c85f274713eaad18bc8532b0aa34241783bd219109f8477fae7213db869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 531592
cf-polished: origSize=59314, status=webp_bigger
vary: Accept-Encoding
content-length: 57220
cf-request-id: 09508e3a2f00004a9125ad0000000001
last-modified: Thu, 01 Apr 2021 20:55:15 GMT
server: cloudflare
etag: "60663333-e7b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UD4fPg2P4hVsVjNnAPXzfnec0YC%2BSOyZFYbbp%2FiUng3cY5pkoX7oUCsszEI0SuVHhANkQuiotVfLCsH4E1aA%2FahI%2FDO2FRB%2B6Su9FLECuLYHmN4B532zZ08rVjHewws%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb164a91-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 GettyImages-942400992-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/03/ 33 KB
33 KB 426ms
422ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/03/GettyImages-942400992-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03a234e8e2187c8273f485b4e278e491e9ca08c2ecdc02892f224578e9f22dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 33513
cf-request-id: 09508e3a3000004a91f9023000000001
last-modified: Fri, 19 Mar 2021 21:15:37 GMT
server: cloudflare
etag: "60551479-82e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FdaNoKxTh8LdppKNVNDyjwa%2F7QPwcxPc88Xe1dSgG46e9m%2FFI4ofq0Z41S1Ws4IPGqKePulfYi8B93HVIxzZHWnVCuzO77ZsRxNU7dmovqYRbdDmvUTz0xAv4Md0q%2F8%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb174a91-FRA

GET
H2 200 GettyImages-1230196007-e1616105563502-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/03/ 27 KB
27 KB 19ms
16ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/03/GettyImages-1230196007-e1616105563502-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965d37dc5afc6a5a4d824d226c553e288ba75074d7a35cd4168ceb8f4cff2b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 107847
cf-polished: origSize=35585, status=webp_bigger
vary: Accept-Encoding
content-length: 27276
cf-request-id: 09508e3a3000004a91dc31e000000001
last-modified: Thu, 18 Mar 2021 22:12:44 GMT
server: cloudflare
etag: "6053d05c-8b01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IGHmwOqRksALx6w%2BaSZLVQwx6I%2FspsRcJh8dtXoJOu922cA9NhgXiwoVk8%2BvFG9TTLyNpXnpgKxovHIEMZamdwaEz8nxuMBURYYYJcILivnOE3MHZk%2BGoVtg3BMC1Fk%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb184a91-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 16100325080_4d921033f0_k-e1609804361284-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/01/ 24 KB
24 KB 15ms
12ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/01/16100325080_4d921033f0_k-e1609804361284-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e1eec8984243180cb049cfe322f8b2816e13a91986dc45651ebd7e9e4a0f146

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 184956
cf-polished: status=not_needed
vary: Accept-Encoding
content-length: 24500
cf-request-id: 09508e3a3000004a911e958000000001
last-modified: Mon, 04 Jan 2021 23:52:53 GMT
server: cloudflare
etag: "5ff3aa55-5fb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5wUzxcapMs%2B4duRCMaHdHSEbqgG7Hv3GGUyGq3liA7ta874qJmpZ9F4mf4yMm2i54VjCijFOp%2BYV67qyR0w%2F08A5jtq3%2FOOE2fjMDJnvEZF1ejY5%2BjWgGYNaC77Fhx4%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb194a91-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 405572938_ddd5f25333_o-e1614989784777-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/03/ 43 KB
44 KB 458ms
455ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/03/405572938_ddd5f25333_o-e1614989784777-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c98daf8d26c8e708db6dc18155905f5721033ab2305a506abaa512142e2d017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 44271
cf-request-id: 09508e3a3000004a91b5a62000000001
last-modified: Sat, 06 Mar 2021 00:16:37 GMT
server: cloudflare
etag: "6042c9e5-acef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BJNii0Yq%2BKmmjNL5fi08KeU1Ava2SFwBSQ83N3HfSICSeOgAubDmz4fbXVWhqmUCB5pBhD6XRGyQKldnwHL0yhlvpIZJECTwxS2qnJVdutAy4jAVl6pqbW02cRJ7ols%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb1a4a91-FRA

GET
H2 200 CDOC-1024x511-1-e1605843829700-544x306.png
www.scmagazine.com/wp-content/uploads/2020/11/ 158 KB
158 KB 19ms
16ms Image
image/webp 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/11/CDOC-1024x511-1-e1605843829700-544x306.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48439840a6f099fbde5e8748c61d4075a8e7e13e49ac988adb9948b7092fe55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:03 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 209482
cf-polished: origFmt=png, origSize=230213
content-disposition: inline; filename="CDOC-1024x511-1-e1605843829700-544x306.webp"
vary: Accept
content-length: 161316
cf-request-id: 09508e3a3000004a9104af5000000001
last-modified: Fri, 20 Nov 2020 03:43:58 GMT
server: cloudflare
etag: "5fb73b7e-38345"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ohDr7%2FYETmXa52AARWAV3LX8dM1PAl%2BYgmTAowvVukv8rTmBUYFGhD%2B402snCRu207epfOj02pC1C60Z%2FkXdzBiGfZY0IKm%2FGFFRsdCBHKq8c7jYkorLWG%2BMKlVhbKg%3D"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb1b4a91-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Apple_store_regent_street_london_-_Flickr_-_jonrawlinson-e1607050421388-544x306.jpg
www.scmagazine.com/wp-content/uploads/2020/12/ 31 KB
32 KB 389ms
386ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/12/Apple_store_regent_street_london_-_Flickr_-_jonrawlinson-e1607050421388-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc17f752e8183cb838ca919178b800f3649b392d8a838721f4c2fae2679b4c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 31897
cf-request-id: 09508e3a3000004a91f118e000000001
last-modified: Fri, 04 Dec 2020 02:53:57 GMT
server: cloudflare
etag: "5fc9a4c5-7c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Egj18%2BLQiHgpnFWbjL2XehbG9fzQs%2FVIPYkJXHQ8fhGnpWGEb%2BLDWfVTw43FuTVan9SeRgealZDiOmz3rBBRVFC1pvgHj5YkzGhFiWRGja4OHEA10mfjbWyFwLNyJH8%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb1c4a91-FRA

GET
H2 200 GettyImages-611440952-e1611875447486-544x306.jpg
www.scmagazine.com/wp-content/uploads/2021/01/ 23 KB
23 KB 391ms
389ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/01/GettyImages-611440952-e1611875447486-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b781a00b78172f2cbdd9cfa59267995d63dc58843485f3615f359473af7fa892

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 23467
cf-request-id: 09508e3a3100004a91d9a50000000001
last-modified: Thu, 28 Jan 2021 23:10:58 GMT
server: cloudflare
etag: "60134482-5bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NwxsFtevXGhuU0e3iX6tVMaJLvAIjfQB3lrOhpSRGruJxB5dl0eQE6OqJPjZI%2BYMUh07EUBX4CaVAcyCLaFWdstAofNhe9tyARLUbhCBuEBTtuaAcZsBCpqwnFHGLBs%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb1d4a91-FRA

GET
H2 200 GettyImages-72266809-e1604954206455-544x306.jpg
www.scmagazine.com/wp-content/uploads/2020/11/ 26 KB
27 KB 374ms
372ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/11/GettyImages-72266809-e1604954206455-544x306.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0474aacdad3f260537a899d75473b2aa2c57a6e8e06d9d54dc8d48b04eb6e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 27031
cf-request-id: 09508e3a3100004a91e380b000000001
last-modified: Mon, 09 Nov 2020 20:36:47 GMT
server: cloudflare
etag: "5fa9a85f-6997"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zhSYxsPkFoGNzTtboPN6FmLqv75mfhVCXXKjgPOC4TaqwElgAcB0GkdC%2FnBdsPpQQ%2FvFQ4004VO41nLK7ynmw0S6Feucxe1Pe1rkr%2Fm337P2mQ6J0S8gLxxmdHVFYm8%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6bb1e4a91-FRA

GET
H2 200 Symantechq_2011-scaled-e1611101014348-150x150.jpg
www.scmagazine.com/wp-content/uploads/2021/01/ 44 KB
44 KB 465ms
464ms Image
image/jpeg 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2021/01/Symantechq_2011-scaled-e1611101014348-150x150.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d926c37ec7c5ca485c0f29f4d58db9512594e59c96e5b783771236f7bbb0066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-length: 44861
cf-request-id: 09508e3a4f00004a91dc31f000000001
last-modified: Wed, 20 Jan 2021 00:03:34 GMT
server: cloudflare
etag: "60077356-af3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VttI0ItjhU58xiI0URHqzZU0N6Ig0iTVCeZrryVL4%2FNC%2BqBVdIAij7qKE4FTxc7UvQhpcofb62BXfUTTl1DuHCRuriliqiz1Zs3x1%2FQEJ8UF7GpTzXTnqHhKM8cYKQQ%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 63c77fd6eb424a91-FRA

GET
H2 200 lio.js Show response
c.lytics.io/api/tag// 40 B
676 B 50ms
23ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag//lio.js

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1182
content-encoding: br
cf-request-id: 09508e3a690000d705ac060000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pDmEapM7r0Zf7CL7yIIrgYhBzwcKWx9CDjLozWppCOeJllPUWU7XTaYsMD4v6J3sEVOTaDh3TR29hLwCTOyhtSAbagPwKypNvCjoHtVYMEtLXpeAlSK8Bw%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 63c77fd70d60d705-FRA

GET
H2 200 most-widget Show response
www.scmagazine.com/wp-json/haymarket/v1/ 5 KB
2 KB 313ms
313ms XHR
application/json 2606:4700:20::681a:3d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-4

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:3d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

a327dd68a2d5d871a5a61e0c037a996fa5717fc8b36d5f408ec8ae6baf7ea6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 14
strict-transport-security: max-age=15552000
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cf-request-id: 09508e3a5000004a9125ad1000000001
x-cache-group: normal
pragma: no-cache
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JQZIrtIRC1CacRiTQLgD2iwzyAiNKxuFvBFTlQ6g2BnlolxbF7R7qmLBJ7LW71GsFc4Q92%2Br4qT6Odr47h%2F0KsDgcC7SseC8aONPpIRuX0xA4tvBBXhaczt%2Be1czEYo%3D"}]}
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
cf-ray: 63c77fd6eb444a91-FRA
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 89 KB
36 KB 47ms
34ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm2&cid=364570351.1617843004

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0558ba8e8248bb07e17b752d1bb1ff0ab7f968ff6bb98627c0eb6d72341600c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35916
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Apr 2021 00:50:04 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 116ms
29ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?832021
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Apr 2021 04:49:56 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=14392
Connection: keep-alive
Content-Length: 12550
Expires: Thu, 08 Apr 2021 04:49:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
945 B 68ms
54ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bbbd24e6f679792d638ed1936137c274734e6f49ac18c0b061ca5b881b35e712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 48ms
14ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 28ms
7ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 76ms
63ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

73c7de8dd24f2eab06be3fa01bc7dd8af2b8c35c24d6286b54d31bf6a4a72fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3737
x-xss-protection: 0
google-lineitem-id: 5663391797
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345679622
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 51ms
16ms Script
application/x-javascript 54.230.55.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.55.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-228.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 08:21:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 59342
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 bf65a83733ea7a81d9100310d3bbbfb8.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
X-Amz-Cf-Id: w91CtyvcQWiBodIK68T49wJrfxWx7kHVZ7kgHMinIghFmK4ud_kedQ==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 22ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=22829
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 init-131xlxqjsfx7lh82dpc.js Show response
api.b2c.com/api/ 475 B
996 B 393ms
368ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfc528655b5de94900627202f9086bba305c4694d287e53c33dde5a0268d2128

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GB148KmtvKaVPcrxD4Ogq7aMZ%2FNYfvYwJYwpHb1olzyS6UivQkPI1CFH7cvPXsmesanzdNc6Z3PpsElYrG1spKgpuW08h0lq8lXBpXzHfE8%2BHrlcMAyxTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 63c77fd769343258-FRA
cf-request-id: 09508e3aa300003258be8a4000000001
expires: -1

GET
H/1.1 200
OK dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js Show response
s.dpmsrv.com/ 108 KB
38 KB 58ms
16ms Script
application/x-javascript 54.192.210.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.210.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-210-6.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0e1496a92d5756e5d4da2993d5bf9af1d22fdf9afef1a830b044f9bee4bbc0e

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Apr 2021 04:39:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Oct 2020 14:40:15 GMT
Server: AmazonS3
Age: 72631
ETag: "f646e62f3bcaac64b7fc46d6b66c0ed9"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 84465451fc5898ca8155a82c8976074f.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: HAM50-C2
Accept-Ranges: bytes
Content-Length: 38263
X-Amz-Cf-Id: WijbLnqcTz6-1HruoSiUp8bQ8jMXDiI3NaG4IO_sPg5yRF_t75_7-w==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
169 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=394853163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&ul=en-us&de=UTF-8&dt=Malware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAADQAAAAC~&jid=602467790&gjid=826650634&cid=364570351.1617843004&tid=UA-1290429-10&_gid=395726966.1617843004&_r=1&gtm=2wg3v0MHZ6C39&cd1=&cd2=&cd3=&cd4=&cd5=section&cd6=&cd7=&cd9=&cd10=0&cd12=&cd14=&cd15=&cd66=&cd70=malware&z=183860460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight_tag_errors.gif
px.ads.linkedin.com/ 43 B
561 B 526ms
195ms Image
image/gif 2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/insight_tag_errors.gif?v=2&pid=68780&error=URI%20malformed&href=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
server: Play
linkedin-action: 1
vary: Accept-Encoding
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: image/gif
content-length: 65
x-li-uuid: E9/6EKS7cxawHinv5yoAAA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 40ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=602467790&gjid=826650634&_gid=395726966.1617843004&_u=aGDAAAACQAAAAC~&z=99304239

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 00:50:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EF38 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d925eff33d8f8621a865dc94cdae563e579fc96057d6304a78b25cae0f510a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

4504971556335818773
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslM9gwgisTAWoyQch81N4dGLVUvyLRDueUwn6rV0zpv9z4RcNdrvbFi8Iy28o7sA8FK-X65gJkR5WD1YaWc8S3Y450HrRlkY01HcKtHxkA0lCJitsHQ2XK0czNPQqjO0ivTj2D8zm2n...
https://tpc.googlesyndication.com/simgad/4504971556335818773?

170 KB
171 KB

36ms
21ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4504971556335818773?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef03f63a0106ccde3a73f60cd35749028cbcb6194808a938ef1f94722b7a084b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:06:46 GMT
x-content-type-options: nosniff
age: 31398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174253
x-xss-protection: 0
last-modified: Wed, 07 Apr 2021 15:47:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Apr 2022 16:06:46 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/4504971556335818773?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795245888949"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:04 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 36ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=602467790&_u=aGDAAAACQAAAAC~&z=1434527170

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 47ms
27ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=602467790&_u=aGDAAAACQAAAAC~&z=1434527170

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D216887%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.scmagazine.c...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D216887%2526tzOffset%2...
https://a.dpmsrv.com/dpmpxl/index.php?id=5968168323394852307&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=216887&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_...

246 B
995 B

421ms
103ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=5968168323394852307&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=216887&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&_=1617843004157
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: 84346d3059aaa7b1ce9b20d8b77241a15f2e1689706288a47ece88da9c247a51

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 00:50:04 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.148:80
AN-X-Request-Uuid: 31a924f1-ea10-435a-879c-50d14bfc6b3b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=5968168323394852307&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=216887&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&_=1617843004157
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 30ms
30ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=84882&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&pv=1617843004168_ltghtid64&bl=en-us&cb=1610598&return=&ht=&d=&dc=&si=1617843004168_ltghtid64&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?832021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 00:50:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 512ms
204ms Script
application/javascript 3.225.125.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=832021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?832021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.125.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-125-221.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 08 Apr 2021 00:50:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 09 Apr 2021 00:50:04 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 556ms
114ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 08 Apr 2021 00:50:03 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 113ms
113ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 08 Apr 2021 00:50:04 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 42ms
21ms Fetch
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 15771468893096115367
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:04 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 558ms
111ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 08 Apr 2021 00:50:04 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 117ms
117ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 08 Apr 2021 00:50:04 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H3-Q050 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 41ms
28ms Fetch
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "836 / 67 of 1000 / last-modified: 1617833820"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20280
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:04 GMT

GET
H2 200 pp.js Show response
api-34-220-38-27.b2c.com/s/ 12 KB
5 KB 31ms
21ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-38-27.b2c.com/s/pp.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865de4cfa5e42ddb0e0c3ddba2ced28a31786a76ed314a8d32d18d40aeff50d3

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Mar 2021 20:22:01 GMT
server: cloudflare
age: 1928
etag: W/"606236e9-2fdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hWekit%2FDnVlX6W%2F%2BWNYqzXfhLyQGk67Rnbyc7kPHEfM1x9Y1Z50D7QLsvDXxmK51z3QFLV3RBufDvM%2Blewlwa3IcV9Km92qJ9QIUW%2FDGx%2B4e%2Fe4ZVKlU7uey3HPgSOJ8U0gJfM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 63c77fd9caae3258-FRA
cf-request-id: 09508e3c2000003258bf2a5000000001

GET
H2 200 ad.gif
api-34-220-38-27.b2c.com/api/ 43 B
368 B 368ms
367ms Image
image/gif 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-34-220-38-27.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NjCaWjzIl2ECrqA%2B9FyTxCvRc5u7bSHoAC4ZX8RlMFZiPLeWyPrVTwrT%2BKwviq5PoS7phjnpYa9YpGAAU2w8OgYVy4VW7h7U9MP6KBxqgp74aY2JVxKMGoJfZOn0cuETj%2FykpUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 63c77fda1ad83258-FRA
content-length: 43
cf-request-id: 09508e3c5200003258a7268000000001

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158&google_gid=CAESEGdhSO7zfbUOXzxuZ2baCjs&google_cver=1

0
597 B

103ms
103ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158&google_gid=CAESEGdhSO7zfbUOXzxuZ2baCjs&google_cver=1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5968168323394852307&pixelIndex=0&_=1617843004158&google_gid=CAESEGdhSO7zfbUOXzxuZ2baCjs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 41ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=5968168323394852307
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/home/security-news/malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=7021H2676790F4R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

4 Show response
v4-api-34-220-38-27.b2c.com/api/
Redirect Chain

https://api-34-220-38-27.b2c.com/api/x?NlOaPr0KhN3h84ay$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vaG9tZS9zZWN1cml0eS1uZXdzL21hbHdhcmUvP3V0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9jY...
https://v4-api-34-220-38-27.b2c.com:444/api/4?NlOaPr0KhN3h84ay

43 B
441 B

570ms
186ms

XHR
image/gif

34.220.38.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-34-220-38-27.b2c.com:444/api/4?NlOaPr0KhN3h84ay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.220.38.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-220-38-27.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 00:50:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

Redirect headers

date: Thu, 08 Apr 2021 00:50:05 GMT
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-34-220-38-27.b2c.com:444/api/4?NlOaPr0KhN3h84ay
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.scmagazine.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x1etGn49r5TmumEPfJx1uuMGrjAdmYKQCxkLAYc5ShT9tA0S6Ww%2BX8orqUEqoaTHlGvFqTl0aEpQZW9pGNMab%2B2oJNxp0Zb17pxVbHWaGjLTn8Teq8iKTRL0Gaxir8WbtZbJ6Yg%3D"}],"max_age":604800,"group":"cf-nel"}
access-control-allow-credentials: true
cf-ray: 63c77fdbbeede003-FRA
cf-request-id: 09508e3d570000e0039008a000000001

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
31ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9157fcba73ee03ecc7c33bdd10f63e86415579b42803172c8658f028ab51d76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6597
x-xss-protection: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 84EF 0
182 B 91ms
29ms Document
text/html 52.30.2.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&upid=e4qkh98&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.2.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-2-3.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&upid=e4qkh98&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=394853163&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&ul=en-us&de=UTF-8&dt=Malware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fhome%2Fsecurity-news%2Fmalware%2F&el=25%25&ev=25&_u=aGDAAAADQAAAAC~&jid=&gjid=&cid=364570351.1617843004&tid=UA-1290429-10&_gid=395726966.1617843004&gtm=2wg3v0MHZ6C39&z=304097956

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53187
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:04 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D3D5 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 07 Apr 2021 21:31:30 GMT
expires: Thu, 07 Apr 2022 21:31:30 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11914
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js Show response
pagead2.googlesyndication.com/bg/ Frame D3D5 14 KB
6 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UnhshoEcEp7BUdiAp0L0lVvGOuovhfpkH6FMm_tLZKs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 23672
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5661
x-xss-protection: 0
expires: Thu, 07 Apr 2022 18:15:32 GMT

POST
H2 200 x
api-34-220-38-27.b2c.com/api/ 0
525 B 380ms
380ms Other
text/plain 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-34-220-38-27.b2c.com/api/x?NlOaPr0KhN3h84ay$YWRibG9jayQ0MDgkMA~~
Requested by: Host: api-34-220-38-27.b2c.com
URL: https://api-34-220-38-27.b2c.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Apr 2021 00:50:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 09508e3e6600003258d2af7000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ucwGFqe5%2B36h3WkuZDzm2QTV4Qaoib2HiI3MgcrsWhbVq3d%2FgY9PXv7MJO29I%2BsvIWF4FNKwkJRitf%2B633klziI5J4efY4PXjd5YO6cWO1GrsmnpFJDCfRc2BTI7gSD5h99A5OI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 63c77fdd7cd63258-FRA
expires: -1

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=1883907025428937&bg=!hoWlhcHNAAY56aLOOek7ACkAdvg8WqTDK5PUYfI4S1w611XA9-IzHQpzQFjNuOP1_VLo-pJ3avCFfAIAAABNUgAAAApoAQcKANRoTmq-pZuaO-YwCyVOARbm-t-QtYAvPHruuJ86O_buTJ4-y6TNEXXSqY48ifx04E2_-xrfAjwtfZV-GHgfdPIqIRb-MEunzE_bi6cs_oT0XuQLtfLgJ76W7xwpvGZwzeembMrY8N0U-6IcxP5jjco1GUBIcnp86JPfb9rhEDWFqmXUB4YZ7dVT9IPYJ63XFtdi0a8SPu0q7jP2VK1sgrL7qmTorATNV-XZ503Llg6hqoK26QwDlSQCIITjRgNeCJYaVIRRI5Vs0HA00xc8roeqlTa_JZkB0XpC8FeVfILkqYA3AumzsicnEU-9EinZ5iOxJXHjC31USEXjR4X86JyDdB29SmwvupOdul9_9wu9N2ClrzmzUGVXNI4PAGJ4Y4rFxFUcg0DDiNScCVyQx7F1JKH7WuNeE7EH_y39F1Ah7odkMOMbL1NItf0Rb8FFjoI6Nb3yyFvQeiYd74zseSUQKN9nZJrm2NLPnqkKozPuZ5yoOdfHNraLlDqq4w2-IwsgoCxW0xHItTvKpp-Ar-hRGzusALoGkF7dKLmAHqnXIJU2YycwhitwMl5B_yH56xUkVBn5txWNFxmTvn0V0FtscwJ0NKU_3c-X_pa94CadmTOY_PdvVd3cnzpRwdNZ6jesmOctXDolPiufIhUHrv2_M-UzTBYDCwy5NHmqZgOk0Om9Bbfv9ZNMKrlWuqm2WCi6Vb5swwf_W3IDfy29_b32es_1QTerbhCHHebZqhzBTwKJAImVhpFJxB-VAgsfDRliPJjoV38xqS7L4-OSHQZv1WG6qMUcb7AB24v7N3syFyLMthw8HVAda679mlg7Q8nCMkUVDqi_Xy667a2Rgiw5xO4lei8UpoNhAOBCzBxSsBKE6j_9aCizFkjkmdnQT6vS0y5XtozKiQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 105ms
103ms Script
text/javascript 3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=20986004&cl=1122&pixelIndex=0&r=279391&tzOffset=-120&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&id=5968168323394852307&_=1617843004159
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 15ms
14ms Image
image/gif 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=20986004

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Apr 2021 00:50:05 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 1c030915-9d9c-4554-9f98-d575911a683d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 635ms
107ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 08 Apr 2021 00:50:05 GMT
Server: Apache

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 640ms
110ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 08 Apr 2021 00:50:05 GMT
Server: Apache

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 20 B
313 B 367ms
367ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 08 Apr 2021 00:50:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
313 B 159ms
158ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 08 Apr 2021 00:50:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 20 B
313 B 113ms
113ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 08 Apr 2021 00:50:05 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 648ms
110ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 08 Apr 2021 00:50:05 GMT
Server: Apache

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 42ms
28ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
15 KB 54ms
53ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883907025428937&correlator=2299353539836068&output=ldjh&impl=fif&eid=31060550%2C31060699%2C31060740%2C31060321%2C31060682%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard1&eri=1&cust_params=pagetype%3Dpost%26author%3D%26postID%3D%26env%3Dlive%26sid%3DMalware%26cat%3D%26isnht%3Dfalse&cookie=ID%3D36d26eb868875187-22f408120abb0089%3AT%3D1617843004%3AS%3DALNI_MatijY3qnb_Hq2vyj0p69n-r151Mw&bc=31&abxe=1&lmt=1617843005&dt=1617843005843&dlt=1617843003134&idt=872&frm=20&biw=1600&bih=1200&oid=3&adxs=216&adys=197&adks=490734277&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x106&msz=1168x90&psts=AGkb-H-7m_3WbeiEGKLggXmCoBvcTxulUzJ62MAHerxXJIzYcMNdbvoALm_PrVKdAmNOiJjBC8NEEMDv9q9ECeA%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=364570351.1617843004&ga_sid=1617843004&ga_hid=394853163&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7c7c20cc79b1f1345358992d48d63d8472e531741ce03d2cd67e4bed90677b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15683
x-xss-protection: 0
google-lineitem-id: 5659431821
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345668404
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15E5 0
0 65ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2cfXJnSF3P7qbNL7fL9WBIKW-TAMKpd3oRSWJXO0OrTw8i6ria9BS0IZN9VQVI0RN7YU_paLOxM5hcgbraglBvxKQiQr81nzPqJwf-zv0fR_9O2XJBYg8MAST2XbAqzEi719xbGpHtiLX0GRb4fzrB6uyHsrS4ZexRAer3k5bH4ao2tLyHAHhJoJvTvn4q8SWV1RdJXhxjitk_w5x9Gst3cCRPExdgKY2nl9WoswpgdLcqTLAA0_cxMFRzmKm7ajXoDuS7xnL0gdSky955uYaMYsLuRsRVapYKbZ7gU2akjnzVfB0KhZlLMd7INovzL1-JT6Q9-R8Vnx7vBM5XIFWDhkPRmT1SMvp0sOPg-IFxIMtMxHhvDkf8b4WcQ&sig=Cg0ArKJSzILF50N6QOGNEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 15E5 111 KB
39 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64634
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 06:52:51 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 15E5 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1267
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 00:28:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15E5 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:05 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5BC0 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 05 Apr 2021 17:24:05 GMT
expires: Tue, 05 Apr 2022 17:24:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 199560
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 15E5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bcf1d211cf794d5cb41cbdd04a5c01f4f970b358ebef3cc12d2de1813cc7790

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 cybersecurity_is_about_to_change_728x90.html Show response
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/ Frame 1041 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46a85739550a9735bf515eef50a1dbef7ac7c34fd9921e24b59e0d9ad2c9b8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2345
date: Wed, 07 Apr 2021 18:40:54 GMT
expires: Thu, 08 Apr 2021 18:40:54 GMT
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 22152
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BC0 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 17:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 26906
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 17:21:39 GMT

GET
H3-Q050 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1041 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 00:50:06 GMT

GET
H3-Q050 200 cybersecurity_is_about_to_change_728x90.js Show response
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/ Frame 1041 48 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f428c70f9c44b85e588dfda4010ed32d334147bc386829f3f5579f31c6b05008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22152
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10182
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 08 Apr 2021 18:40:54 GMT

GET
H3-Q050 200 _970x250_horizon.jpg
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/ Frame 1041 12 KB
12 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/_970x250_horizon.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b15218ef9e68883307bed0063b67e01b424962de9a7114b90fb1d480a2f4255b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:40:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
server: sffe
age: 22152
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12716
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:40:54 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 15E5 0
0 363ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk8amILwv7N9NwAbH1kmmD5G1qg_LO1hF--2TLUiqDUVNoTKscMstX3nqxJkxt-cWJDdMcFhODniNFsrx95cfuTMh72OqrgHCPlKpADDFSb_iY4wDPpQIyNZ3ZplqaMocWeeRXK2yeXAArXDY0epwDKqBOSE2RcuDGF6sunHrE-E_nvLnA7BcNdEJHupVCdaoFyAD7uMAuiAY0hRCNO7vleGYuAM_exMATY_x5P2VuP7aUX47PWeKWhwhosK_Kt3hC_8AxTIQqdcIacuAEW8FlytRDAc3kRdxfuN2Qnb-B-WhfdMYRzoT4&sig=Cg0ArKJSzPlafQcE5AhWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Apr 2021 00:50:06 GMT

GET
H3-Q050 200 ball01.png
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/ Frame 1041 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/ball01.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37a94a798a2b1dd81880e62d5a8d8dd4a6a2b694323e2cf6a81fab22bd4f1d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:40:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
server: sffe
age: 22152
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16833
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:40:54 GMT

GET
H3-Q050 200 moving_data_close_970x250.jpg
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/ Frame 1041 47 KB
47 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/moving_data_close_970x250.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5a07e9d9c61a69066b6b44eca0f6065be24a01c4fcf5b2e4cfe3b765374cbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:40:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
server: sffe
age: 22152
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47691
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:40:54 GMT

GET
H3-Q050 200 moving_data_far_970_250.png
s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/ Frame 1041 31 KB
31 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/assets/moving_data_far_970_250.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44706afe2dbf4f8da1171944b2379c8ef21f43e5fab0f95e7442afd6aa50a95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700290472/cybersecurity_is_about_to_change_728x90/cybersecurity_is_about_to_change_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 18:40:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:50 GMT
server: sffe
age: 22152
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31856
x-xss-protection: 0
expires: Thu, 08 Apr 2021 18:40:54 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BC0 0
46 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeFwtPVNuYIPuNMSE7gPR2L24CAAAAAA4AeAEAg&bg=!YmGlYSXNAAY56aLOOek7ACkAdvg8Wi2-07525bH4yWTda4BDvzHQ-NVgnfy8BrnEc9yA8iFhRxzLCQIAAABaUgAAAAloAQcKAPKd-tLirqp6JcvdpXtWl5GGUrabYGjTs8ZvADONfB7sd67cMA9qz-Y3H07qBMnHhMrPVJktMDw7P-xiafsl2zLOUtRV66qDjYn4lnDKy2GNGQB1kc_Wy0txgaZz72Gr6EwyluOJWFnSdTzGabC5se0LIMmaiT16Joh-D-O0Ahw4qefJAvR5cbECeA0CqeYmK3mGaFBXBPtpIWYL7zmD-Df3r7ilY-cFxzdbpK8MUba09llotp5pFN_hGAJ_wy2kYddpmTW3qh43bwJMbdO8-QFg_XmEDOB13MtDiOuT7w7iJtLFgAiZklXDF24lc0CLxNCAdZkCRKH5zhmC0RH9Wxk6TZtlKjLpHmrHfhtzNHUfESlA5cH-v-zsZzVirHaC43Xp3FjLf1_xAwaycfBpQNpAW-w4PSCjbq9bnyuKxe-L-fmpFhVpzYGUhK7F0y35pVscIYgnDf0jprst94iJ1biItfXvULSeqfY0wnUYPIF0YF7OBO5fYu23srL6Xp0QKf_HKI6xsS94F2UHBoOHxuX9HcFRUln-GVuYN4n1Dl68HPW9GE-ulhdcEwjn1-X_5EjG13ktF7QgKABCdmPfvu0rtiChUWhle0O3sfI9Rr8qe9A1UomlAXPhJWJyY6Q1A6SvivaDJVO-iehccC9aL3tihVt772JJtOWR-G0_l4PEfwLRokUJi9001Y-nQvdkU9jUB1xXenjQWSpLgdoflB0V911cLiLCWWuuAWN8NPil8ksIvXotWFkC2JoSXwrxcbnSv6H2_mK0hO12ylMOE9cJPMn9Wc6vXl0ybWTzVpTh0vhrPvOoZ6SI6GzLTEH4bprR1vXS3sIE3dk7WjOkA7uTIWEF3l9hDs1B_rbisVo3K9FCgIPB3VvBsGfPILhjPSqdKn48cCWTf19YmJytFgkhKvfS1OPcWYADY26UoWb88xBGNrip4yDxe5AUmoNR473Le27H8ZcenYajPjuyXIkpU4QaoKOGq5C9F1Cr86FlGfry0EYs1p1-EkIpHqA3Kcf4f7-zHIZlTN-THgNthQWxXIH703-GOMHNMaR9ZBDaiMCUpWMz83r2xct3sKgAG1WqX7IOeKzebSA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 53ms
53ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883907025428937&correlator=2299353539836068&output=ldjh&impl=fif&eid=31060550%2C31060699%2C31060740%2C31060321%2C31060682%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard2%26lid%3D5659431821&eri=1&cust_params=pagetype%3Dpost%26author%3D%26postID%3D%26env%3Dlive%26sid%3DMalware%26cat%3D%26isnht%3Dfalse&cookie=ID%3D36d26eb868875187%3AT%3D1617843004%3AS%3DALNI_Mb4VlRRRxrSwNZDUYAJ3-Y3Bq5Q5w&bc=31&abxe=1&lmt=1617843006&dt=1617843006925&dlt=1617843003134&idt=872&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=2763&adks=2588316086&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2550&msz=1600x90&psts=AGkb-H_sjcoioRBXUCbj1ynxzNPB-h3ItXpbTVCFaxGyv76A1Ymqdn75nNZAJDGewzdSRcIDBEcoRoNv71jeNU0%2CAGkb-H-7m_3WbeiEGKLggXmCoBvcTxulUzJ62MAHerxXJIzYcMNdbvoALm_PrVKdAmNOiJjBC8NEEMDv9q9ECeA%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=364570351.1617843004&ga_sid=1617843004&ga_hid=394853163&ga_fc=false&fws=4&ohw=1600&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5fb134dba4e4cae50cd19014a0a82fca99e35d0cfcedbbf791dbcd4e78bb95eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13002
x-xss-protection: 0
google-lineitem-id: 5639645984
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342325314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1CBB 0
0 42ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6YDtg3vW-Fv7vJRp3NgEOdEc1kPrTiyoC8eQRMTe4xdOYvGhQHBd0XgMM59y1ryJnHiDbe02VKxuSqxltjWKRh4QJlC8BSpeBBoM-WesE1pdMJbGANbGj5Q-LPaZupxuF2CLxexHOAitm2nP6OLVR4TuGxTV5DKwXIDiqdu1VtIX4XrKyqi8vDhuoWeRO0-AoQT75hcINngLdIJIyXkrdUynsqLLK5sU0-Cxg6yxz3CHgDECyDkf62fV3EmwFxSXh91QSfEBlKxObveMKbm0QiPvpaRV6hpiHO4-1tvF2Nohl&sig=Cg0ArKJSzF_qoYxTDTPJEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 1CBB 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 00:17:51 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 1CBB 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Apr 2021 00:36:41 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1CBB 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1CBB 0
0 43ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3aRIwEjozL4uDrxpvP2U39lcY183osGjlPrsPH5SoYD5StVVKA45LLh9L1q7K9Yp2wu7q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 145082772911611829
tpc.googlesyndication.com/simgad/ Frame 1CBB 41 KB
41 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/145082772911611829

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c33af80285d91a8e4208a1c273b2f0dc387726f992a06b02d597a73f7a7a18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 14:11:59 GMT
x-content-type-options: nosniff
age: 470287
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42075
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 22:50:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 14:11:59 GMT

GET
DATA 200
OK truncated
/ Frame 1CBB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90f3c1071d01fb1f0089882de820cd3f5b8ff390b2dbc4073529661ce4537700

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1CBB 0
0 1936ms
1935ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPVclbIhtyS9dARosY_oK_La9oVNaFyDej8QqPYCreyBVPAjVaJgjYqqILdSvnVYnSx3YpP4L4FZDoMr8XlS7a47aZoFt9-GnzGfGVa69DJxlZ3LyfRZhTEvb_EN1Zt7rjgFjEhJar-xlHePiGVqlEnCVRpJQt_LgzPRenI7gUmOeTXorKAx9JWMuuZ4krxBL4KCI3vajeoeRvmlkyQcVDXZs4wEiLmpuwLdL9wm-1MnbA_oImwWkQBXIUhGdWLWarhk7LbZf8j7oHfbq1T1EqGHuMg1pxsut25PmwCASGIArC7Fg&sig=Cg0ArKJSzDGM1Rl_LMLDEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Apr 2021 00:50:07 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15E5 42 B
155 B 14ms
13ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqsuhNZTKK8nUXWNpvk7XQCTAHa9oJMFFft2rtNaasPCDsm1mstAdg3YQYcY-zmy7F_ME96nc1eEra_01NgDtuyWmE02umO5moMfHCYv3aFeWEXs9p039ItbTtJwJc21FcYveF58X9yF0AKEaZGCkxxNDaECrsr3UU-hswD341&sig=Cg0ArKJSzJFvbXRhUQ8iEAE&id=osdim&mcvt=1000&p=197,436,287,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210407&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=490734277&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617843005912&dlt=0&rpt=58&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
16 KB 60ms
59ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883907025428937&correlator=2299353539836068&output=ldjh&impl=fif&eid=31060550%2C31060699%2C31060740%2C31060321%2C31060682%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050&prev_scp=pos%3Dbox1%26lid%3D5659431821%2C5639645984&eri=1&cust_params=pagetype%3Dpost%26author%3D%26postID%3D%26env%3Dlive%26sid%3DMalware%26cat%3D%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1617843008&dt=1617843008000&dlt=1617843003134&idt=872&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=430&adks=404078304&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H_sjcoioRBXUCbj1ynxzNPB-h3ItXpbTVCFaxGyv76A1Ymqdn75nNZAJDGewzdSRcIDBEcoRoNv71jeNU0%2CAGkb-H84YCdB-LerbpBtYwurPynOZAKF0NMpn5s5TK3r-vdAKjZjpNPTZ9x3Vi_ySGZZBUJRkpIc4Ck3zfRmRo8%2CAGkb-H-7m_3WbeiEGKLggXmCoBvcTxulUzJ62MAHerxXJIzYcMNdbvoALm_PrVKdAmNOiJjBC8NEEMDv9q9ECeA%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=364570351.1617843004&ga_sid=1617843004&ga_hid=394853163&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c5cc2e992e4dd4246298ffb76467bc1f472fd51b84520b0511ee9039acccd462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16072
x-xss-protection: 0
google-lineitem-id: 5659431821
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345667615
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 374B 0
0 42ms
42ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvp2BRC0h8UgZlHrsvg0qECbtKheP1T5nt72y_ykerEG9hUWlxPG7forSWdAGW9XlTAKSYedc7rLU7wWcSvcWgd74QPJA5HRW--vEgycodgXC4nmdINFgmUlPu-JDCwpDUGFvgkzH7p7DjNDtO4orYlLA_GteUoBMYob8D6eFYlbAxVddil-vv0wpib5iEcJFLsYCnaSMmbc3wPbDgx9l5oKcms-5ud941LJaefAwJmHJIgLZHrv3gF6Gnr-465R6hhchSSXYJ0zMdzphLtHtw-zZXLHS49YA-9ZCrkFKz7vQpbQ1e2pek6vXjznRGdud_KYy5bFUBIwPUnTld7HTOp1a-zJMC5Al0naA&sai=AMfl-YTjFaUn8EgE02w4EX8X_gGLXHMkvFVMJGRcj1GU4pRdjfsREy2TayTi846z5dn7cVPQ0xlD7vzdTyWC8q3AxsiVNOYDPfZbFUmwPvuDZNFuepBR0UJy7xhTsfD9bbI&sig=Cg0ArKJSzKHKagAelV3GEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Apr 2021 00:50:08 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 374B 111 KB
38 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64637
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 06:52:51 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 374B 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1270
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 00:28:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 374B 118 KB
36 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:08 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EFFE 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 05 Apr 2021 17:24:05 GMT
expires: Tue, 05 Apr 2022 17:24:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 199563
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cybersecurity_is_about_to_change_300x250.html Show response
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/ Frame FED1 6 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6747381b1764cecaa3d765959ad3fd43eba3610339c6879f74f58be067d75862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2348
date: Wed, 07 Apr 2021 05:03:19 GMT
expires: Thu, 08 Apr 2021 05:03:19 GMT
last-modified: Thu, 25 Mar 2021 19:24:32 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 71209
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 374B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7f5a2237378e5eaf84868d9c942e436f597f1c048febc6b6f408b7a58f75e98

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame EFFE 14 KB
6 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 17:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 26909
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 17:21:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 374B 0
0 848ms
847ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstE_DmVIuZOAfVpLTiY2uaOQ_yr8FyNziuBPE70G3_vYi364vJJb1mRSNwXz8BuBk3yeezYuLllnTUFsAQoDmX3mXBVEzKBYNrxF7zsEsBCO6PwMvkb9xhvzh6p7ijWg3XYZA0YCCaQ5OFz76luenGvVrKsCpUwFzWgDaCB-2WsbEsBfrXLZoQdoa_3SsFwLnfj9c2zzOcYf7I8NWzxph5G06EpNNUSStZJW0Jj1f4ua6qDCKoxKQ3zAEY-2NCu2Ne-PIbGVcAnTeTGyQztuUV86aPdz2ZIRuNCAFSr3rOT3KF_kdM&sai=AMfl-YQ60OTaLbCpTjdp0T5amFzGXBS7nVjHUXlt5ZeNLjgds-3K2E2l8cSMlILwqUVhkkQ-dHZ_cjA8YwDsgTSUnlLiXHtyGeKdtJEL_4kwH5wFBCYl25ARMjdMxxvplwg&sig=Cg0ArKJSzDQXTYAHoHUZEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Apr 2021 00:50:08 GMT

GET
H3-Q050 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FED1 236 KB
63 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 00:50:08 GMT

GET
H3-Q050 200 cybersecurity_is_about_to_change_300x250.js Show response
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/ Frame FED1 44 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32d851a5b7b53cc0a1aa6ab7370cb2a2410cef2c684975c2f455afe41b95958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71209
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 19:24:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 08 Apr 2021 05:03:19 GMT

GET
H3-Q050 200 _350x250_horizon.jpg
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/ Frame FED1 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/_350x250_horizon.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191da7c8621f7098166f2c273ea4012dcb0457f1272726053250a921fa1a4b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:03:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:32 GMT
server: sffe
age: 71209
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8215
x-xss-protection: 0
expires: Thu, 08 Apr 2021 05:03:19 GMT

GET
H3-Q050 200 ball01.png
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/ Frame FED1 16 KB
16 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/ball01.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37a94a798a2b1dd81880e62d5a8d8dd4a6a2b694323e2cf6a81fab22bd4f1d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:03:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:32 GMT
server: sffe
age: 71209
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16833
x-xss-protection: 0
expires: Thu, 08 Apr 2021 05:03:19 GMT

GET
H3-Q050 200 moving_data_close.jpg
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/ Frame FED1 20 KB
20 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/moving_data_close.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6159cbe42fa1b0f45ec2a127447ba9c6fe2d257598f036a953129489d087bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:03:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:33 GMT
server: sffe
age: 71209
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20120
x-xss-protection: 0
expires: Thu, 08 Apr 2021 05:03:19 GMT

GET
H3-Q050 200 moving_data_far.png
s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/ Frame FED1 8 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/assets/moving_data_far.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbfa21ad70a272eba0af55ed98a6cbfe77d64d776db15923d9cd657c575b08b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700272229/cybersecurity_is_about_to_change_300x250/cybersecurity_is_about_to_change_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 05:03:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:32 GMT
server: sffe
age: 71209
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
expires: Thu, 08 Apr 2021 05:03:19 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EFFE 0
46 B 16ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGv9cQFNuYPSqAZaq7gPfhIb4DgAAAAA4AeAEAg&bg=!mpmlmd3NAAY56aLOOek7ACkAdvg8WlgsFg_-jxKDY4z-9QxaenPa9rQMF8YZiF7thYXCQznv6ztN0gIAAABZUgAAAAtoAQcKAPHWrrjREc4WxKidfmKvcS7eljh-CNGOeAD9YTRdN_iGvMlPDoauqAHUrBISLbCMsjXJMWR6xBcRnczVhe_RgJ0PLN0_ryY5-PHnxtu_wBb1b8ynGMrJpR-kF6P5glsFFLT8xMCIgsayZAVhqukt-PnBqrsUHmJTwAH2ws6OQsyePe_25Da4ygeP1OkZTShQwKm1L5YTALdB9jegIT6QAz8C2O5Fsjnlv8hSddib8E9gKHcTWvNj-gp2Cah-CXigzlYyz_BCgMN67Bva_IhAgipj8Qqs79UJQfPnzY1f6qCpTAiRjImRl-3OYxDd0jijh_ulmQJMJ2tLS_q2KB3tAO9t6mdudu6TfpU9w9NTJufVYtFj6Wvb4P_m5Gwx5Zixr5HvSapZBDLZ3pkIes1veslJZKGuIEuJFnA2Kde7W0NoIN-gu0_-_zVoF5QIfqjHc_tPQByYfE377C-xiuPLsx3rNf3u3ppdL0028iSC7eBlhyCaFxy1foB0GjTuoU6bC9oeH6y0TE03-2TSK2AckSevBc7B_gWeXOE1XRDsZPCgHOIO6XNLaU7iSChVFVwOeE0l7522oiOv1vK2Ka-XzKKtzRlAu3MeVv9WsKGjk2_qENuJh1zBHbq9cRoMGxUdW2txxIU0BFzPMm-nRneAa7x1pxukLNLB-_TpPPW7n3R4-PQocfKfNVxiP1o2-lgHZ5dm0n5I9S2YY3JOHXR8iStUTHeNbzZ-wr63TFwXCfGTT8cSjvoqli3GQZX76QGsp-zlmpe7kq8rtK9ndHv2h3l1iFmMX80lrsIyIuxHRn2vi4WRmGdM2y2E5yJUhG2acjXwHghDLAzpzFafLuh6mnZnB2UN7NWU6xdNbGP-NUsiDzLzHvy_syh68joAtjTNw0A6dl7zvBfYq4FeCo99YXoT2044pCTNC9qqMGzSCjxJDTQfDgCgL3yNxhojqZ228SRLo3YGx9Sz93pYzjyhv4q3yVZ2KtsJfRjgeLg9Qmo-pa_3W-wjPqJGsj1gE9To9WJA9aVSrbZj-CAsZ4aICw0GkPR032cgKsBAxulZo12kfJoqIXYpA1etD_ZqkEIv8szrEKtA21FAsOFE7xM3oAj8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
15 KB 58ms
57ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883907025428937&correlator=2299353539836068&output=ldjh&impl=fif&eid=31060550%2C31060699%2C31060740%2C31060321%2C31060682%2C44739387&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbox2%26lid%3D5659431821%2C5639645984&eri=1&cust_params=pagetype%3Dpost%26author%3D%26postID%3D%26env%3Dlive%26sid%3DMalware%26cat%3D%26isnht%3Dfalse&cookie=ID%3D19d2f4141bcd51c4-22a636e90abb0066%3AT%3D1617843008%3AS%3DALNI_MaPFr1T8yMtnOtiJu6-ECuRwC-rqQ&bc=31&abxe=1&lmt=1617843009&dt=1617843009094&dlt=1617843003134&idt=872&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=1385&adks=1942618859&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AGkb-H_sjcoioRBXUCbj1ynxzNPB-h3ItXpbTVCFaxGyv76A1Ymqdn75nNZAJDGewzdSRcIDBEcoRoNv71jeNU0%2CAGkb-H84YCdB-LerbpBtYwurPynOZAKF0NMpn5s5TK3r-vdAKjZjpNPTZ9x3Vi_ySGZZBUJRkpIc4Ck3zfRmRo8%2CAGkb-H-7m_3WbeiEGKLggXmCoBvcTxulUzJ62MAHerxXJIzYcMNdbvoALm_PrVKdAmNOiJjBC8NEEMDv9q9ECeA%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9H2anAo7RPUy1Bl0wGlLyNLmgGB8pifx6QcEMw8kSAAGkCA1-RtOVzjVza0PtwtMu3a9LRnp1sjEzXPL4&ga_vid=364570351.1617843004&ga_sid=1617843004&ga_hid=394853163&ga_fc=false&fws=4&ohw=1600&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

61acb0d6f118b89cae0d7c95bc39f813b7ea91fd9ce406096ce03d6f8072ecec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15710
x-xss-protection: 0
google-lineitem-id: 5659431821
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345668497
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 374B 42 B
89 B 14ms
13ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgXf_VCOsdhtqnvxPiXV7wiOGIWpzimSqlDj8S-irP3tO6ymg-or3pC80kLl28tcxMs0uh_wwTOlHJHqPZPgHHg5lY_qfqfYyFRdeURGSn_kq1xH5HoE3aXMBFyNwEyz5KydkY_ajKFW0zNlYG9w2lUL_cRe659Kk&sig=Cg0ArKJSzEUuK2Y44SsfEAE&id=osdim&mcvt=1000&p=430,1084,680,1384&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210407&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=404078304&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617843008077&dlt=0&rpt=44&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 816B 0
0 70ms
56ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspI-bx8aDH0IQUWTO_Mkox6_vbhzG65HiYHthY4BEYl_gm_mjoKoNzzam6jgUiEyhqVtlr4d-yLGuCzhCXeZGSiKc76eaaqYkTz4-jNIgYRcRWZPyax6xIJgLcZX59nyrot0OMLqV81J1weWr5hIxgV0Bb-NG12IQwqISPsie0l4qdTO_2BjNRBqwyq3L9EkG0nof8Yf9N53y4l8yTc3HS_S1XTKWniGKfwrGqRh2DRj80hAYI5Mo1b7NpvRmJCLVbfTv667QPsC8opjSuxYM61sBS0D57WeMrktT-PkrLItlw5CLuAIChDe3BwdXe5d_bkEswxol5212Rc1lL4vwPNg0MpntnR6ipWNI93Qis6LI5IPe0BY_R&sig=Cg0ArKJSzFL_8pwOPBM1EAE&urlfix=1&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 816B 111 KB
39 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 06:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64638
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 06:52:51 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 816B 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1271
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 00:28:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 816B 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617795240117122"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Thu, 08 Apr 2021 00:50:09 GMT

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD0B 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 05 Apr 2021 17:24:05 GMT
expires: Tue, 05 Apr 2022 17:24:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 199564
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 816B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66e827da78e286fa17fb3c1aa6ac62e6b6789276efda5f73a451924365d24257

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 cybersecurity_is_about_to_change_300x600.html Show response
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/ Frame 2B72 6 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8c623af847b4ff995381e96fa2216a93bc86d0a51060630e4ffe39ba4833567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2346
date: Wed, 07 Apr 2021 21:56:37 GMT
expires: Thu, 08 Apr 2021 21:56:37 GMT
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 10412
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame FD0B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 17:21:39 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 26910
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Thu, 07 Apr 2022 17:21:39 GMT

GET
H3-Q050 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2B72 236 KB
63 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 00:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Apr 2021 00:50:09 GMT

GET
H3-Q050 200 cybersecurity_is_about_to_change_300x600.js Show response
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/ Frame 2B72 44 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c841912146563db4efd4e2632638fff0abf9f0bb17d0892fc87d3d03bac509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10411
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10813
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 08 Apr 2021 21:56:38 GMT

GET
H3-Q050 200 _350x250_horizon.jpg
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/ Frame 2B72 8 KB
8 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/_350x250_horizon.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

191da7c8621f7098166f2c273ea4012dcb0457f1272726053250a921fa1a4b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:56:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
server: sffe
age: 10411
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8215
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:56:38 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 816B 0
0 79ms
78ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6uUp7wGVL3zw-gn-xSUkknFaLi7QkL0eZC97tIJuU9XPpmN4KV_DJcBZ7MsecdCajADsdcYWU645R0Xmvl4WUbAZzj0D3POQGDdH2TtNX-m39wVcZh8WPV4vOMnYKHvov1chYEenR_2jVHlRUcTPC1l4_gZFbfBcmXhVd1EXVzzxpdIrERjJecbqu_LKKDb1amMYqW_Q8rx_f_zRTl7R5EWthwzEXMAR7yaQu405Qxse5Oo_s0THr4f5xp0eG4mGHnjT3T65tdgEg4rherRdz1yU_0ZQgQlo6nTRZh1m9Kpaqr4c&sig=Cg0ArKJSzPd3y8vHMCj6EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Apr 2021 00:50:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 08 Apr 2021 00:50:09 GMT

GET
H3-Q050 200 ball01.png
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/ Frame 2B72 16 KB
17 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/ball01.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37a94a798a2b1dd81880e62d5a8d8dd4a6a2b694323e2cf6a81fab22bd4f1d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:56:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
server: sffe
age: 10410
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16833
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:56:39 GMT

GET
H3-Q050 200 moving_data_close.jpg
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/ Frame 2B72 20 KB
20 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/moving_data_close.jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6159cbe42fa1b0f45ec2a127447ba9c6fe2d257598f036a953129489d087bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:56:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
server: sffe
age: 10410
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20120
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:56:39 GMT

GET
H3-Q050 200 moving_data_far.png
s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/ Frame 2B72 8 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/assets/moving_data_far.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbfa21ad70a272eba0af55ed98a6cbfe77d64d776db15923d9cd657c575b08b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9460942/1616700282237/cybersecurity_is_about_to_change_300x600/cybersecurity_is_about_to_change_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 21:56:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 19:24:42 GMT
server: sffe
age: 10410
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
expires: Thu, 08 Apr 2021 21:56:39 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD0B 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYXHqQVNuYLKYB4WF7gO80ZrICQAAAAA4AeAEAg&bg=!WFulWx_NAAY56aLOOek7ACkAdvg8Wua6mZUJcHfCpIZIdNMd2b_Q5Oyo9IYuhFKj_BqnwaqHGsRYvQIAAAB3UgAAAAhoAQeZAjQv0Mm7a6-o6p46tjbGdP8CJ3ORvhpo7oUWT0bwG1DEhmZgzKGExVzbNxhWvaF0VNmAot9ui9fGsVnaMavJy1YwDhV7timruqQ9g_NQv7S9Bm8MIxGJfISM2SXJKvrYM2QczwFSRuY4w_nnccNFr7d8SPi9c9OfQmy-vbMWCNUTFmBIzy23CQvkbvIqUuivyTOZsfcgljLyY1GG_n_f5_oknsFujv5B9-4-E4DHXYNupKdu0ZMDLj3AWN4QTwkPy3X7JnO4spUI0XkBi_b_Q7siL9fHA1xvq2HvbXnPyExVLpjg2SnI0LgWE3ekAlZhHKQ8WZz9Shgtgy1cFbGmpctcRldnAXXDHoKBpEX0LZjn5UkRDQcSRG8V-F-JhZkiJVnzq8bWMhdHNceKok8EAlBskwyNAFGcjdmh-hAnDepI9zlXJmNILgAilgN0cTKAaM2S5MYWN8qvacmv-DlARevD0L5ZJnzvZQYEJPudv9snVY5Z5aYOuKfwi8y0E7WVjs-GjcUPjnAPY1wTmR_Eu-dqoOojC0VC92QG_qoY6BVYkSox8mw8zZ5dKmi9FDC0iYMfBYJKjc9YQ80YVPtVafw3MHLjOyBkNXSxYIAhyxZhqRP3RqFD2eQu27H1glu6hLiY17XqLaV65pRoWArs7elrlA0u0doFLTsJNiX0WHSkEMr130apYwE6WDqLvwERM29W5HT5W-jqfFIEgQNKzSQ1lCU1YXD65YxrA1dP6K3tMH4IsP0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIw4Cr7bbt7wIVRIJ7Ch1RbA-HEAEYACD8tdVG;met=1;&timestamp=1617843016074;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 15E5 42 B
254 B 41ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw4Cr7bbt7wIVRIJ7Ch1RbA-HEAEYACD8tdVG;met=1;&timestamp=1617843016074;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_oe=ChMI9Mqu7rbt7wIVFpV7Ch1fggHvEAEYACD5tdVG;met=1;&timestamp=1617843018174;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 374B 42 B
235 B 40ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI9Mqu7rbt7wIVFpV7Ch1fggHvEAEYACD5tdVG;met=1;&timestamp=1617843018174;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=394853163&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fhome%2Fsecurity-news%2Fmalware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D7021H2676790F4R&ul=en-us&de=UTF-8&dt=Malware%20news%20%26%20analysis%20%7C%20SC%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Engagement&ea=Beacon&_u=aGjAAAADQAAAAC~&jid=609071092&gjid=1379690156&cid=364570351.1617843004&tid=UA-1290429-10&_gid=713542523.1617843018&_r=1&gtm=2wg3v0MHZ6C39&cd13=No&z=1427854232

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=609071092&gjid=1379690156&_gid=713542523.1617843018&_u=aGjAAAADQAAAAC~&z=981319832

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Apr 2021 00:50:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 17ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=609071092&_u=aGjAAAADQAAAAC~&z=97289947

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-1290429-10&cid=364570351.1617843004&jid=609071092&_u=aGjAAAADQAAAAC~&z=97289947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 dc_oe=ChMI8rzx7rbt7wIVhYJ7Ch28qAaZEAEYACCxodhG;met=1;&timestamp=1617843019281;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 816B 42 B
88 B 40ms
39ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8rzx7rbt7wIVhYJ7Ch28qAaZEAEYACCxodhG;met=1;&timestamp=1617843019281;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 00:50:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scmagazine.com/	1970-01-20 02:09:39	Name: oly_anon_id Value: %22afd83427-0dc1-4e71-8e86-24bb95fd452f%22
.scmagazine.com/	1970-01-20 02:09:39	Name: oly_enc_id Value: %227021H2676790F4R%22
www.scmagazine.com/	1970-01-23 09:00:03	Name: _ccmsi Value: 1617843004168_ltghtid64\|1617843004169
www.scmagazine.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.scmagazine.com/	1970-01-20 02:45:39	Name: __gads Value: ID=36d26eb868875187-22f408120abb0089:T=1617843004:S=ALNI_MatijY3qnb_Hq2vyj0p69n-r151Mw
.scmagazine.com/	1970-01-20 10:55:15	Name: _ga Value: GA1.2.364570351.1617843004
.scmagazine.com/	1970-01-19 17:24:03	Name: _gat_UA-1290429-10 Value: 1
.scmagazine.com/	1970-01-19 17:25:29	Name: _gid Value: GA1.2.395726966.1617843004
.scmagazine.com/	1970-01-19 18:07:15	Name: __cfduid Value: da6a507fbc995499d4b491218c3ee92891617843002
www.scmagazine.com/home/security-news/malware	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://c.lytics.io/api/tag//lio.js(Line 1) Message: Missing required params.
console-api	log	URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46) Message: olytics fire called
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] exiting test loop - value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d0e9248a28bc9933491521db2fbe69f.safeframe.googlesyndication.com
a.dpmsrv.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
api-34-220-38-27.b2c.com
api.b2c.com
c.lytics.io
cm.g.doubleclick.net
cra.omeclk.com
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
insight.adsrvr.org
js.adsrvr.org
ml314.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
px.ads.linkedin.com
s.dpmsrv.com
s0.2mdn.net
s3.amazonaws.com
script.crazyegg.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v4-api-34-220-38-27.b2c.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.scmagazine.com
142.250.185.130
142.250.185.226
142.250.185.66
185.33.221.14
204.180.130.159
204.180.130.165
205.162.42.171
2606:4700:20::681a:216
2606:4700:20::681a:3d7
2606:4700:20::681a:623
2606:4700::6813:9408
2620:119:50e1:101::6cae:b25
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:400c:c1b::9a
2a02:26f0:6c00:296::25ea
3.225.125.221
3.229.100.58
34.220.38.27
34.247.104.176
35.244.174.68
52.216.170.197
52.30.2.3
54.192.210.6
54.230.55.228
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03a234e8e2187c8273f485b4e278e491e9ca08c2ecdc02892f224578e9f22dca
0afd4d6b0313d25f689ed18a3ead599ce543f82035f33dda56ca529a0d7981f6
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
0d926c37ec7c5ca485c0f29f4d58db9512594e59c96e5b783771236f7bbb0066
0e35ec3dfa80b7851b7826fcae5e1ef652d03d77c6c2af9f0bf1b97d49fe876d
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
191da7c8621f7098166f2c273ea4012dcb0457f1272726053250a921fa1a4b91
1a9bcb1cc2cb1d0cf031ef290b4df3594eb3e4486db13dfcf1f74c3e2a3e7460
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
37a94a798a2b1dd81880e62d5a8d8dd4a6a2b694323e2cf6a81fab22bd4f1d2e
3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9
3e1eec8984243180cb049cfe322f8b2816e13a91986dc45651ebd7e9e4a0f146
44706afe2dbf4f8da1171944b2379c8ef21f43e5fab0f95e7442afd6aa50a95b
44c841912146563db4efd4e2632638fff0abf9f0bb17d0892fc87d3d03bac509
46a85739550a9735bf515eef50a1dbef7ac7c34fd9921e24b59e0d9ad2c9b8d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c33af80285d91a8e4208a1c273b2f0dc387726f992a06b02d597a73f7a7a18a
4f679adf338068d59b924bb8dce6b4896e642e8b1966cc97e63c040003115e59
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52786c86811c129ec151d880a742f4955bc63aea2f85fa641fa14c9bfb4b64ab
562749f8851c63a8f36e88e1c3b3732576b38123bda924087b01f7ff53815c5b
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e8095cad5b71456e02e88835892814dba44009f6403b5a84416db008e5d357f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
5fb134dba4e4cae50cd19014a0a82fca99e35d0cfcedbbf791dbcd4e78bb95eb
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6066d8c876b59b80bc647daa6594495af6a89e4eb9b4bf19095af605992c7a31
61acb0d6f118b89cae0d7c95bc39f813b7ea91fd9ce406096ce03d6f8072ecec
6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9
66e827da78e286fa17fb3c1aa6ac62e6b6789276efda5f73a451924365d24257
6747381b1764cecaa3d765959ad3fd43eba3610339c6879f74f58be067d75862
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73c7de8dd24f2eab06be3fa01bc7dd8af2b8c35c24d6286b54d31bf6a4a72fb6
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
743c2c85f274713eaad18bc8532b0aa34241783bd219109f8477fae7213db869
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
77d925eff33d8f8621a865dc94cdae563e579fc96057d6304a78b25cae0f510a
7bc21d6c6f430eeac549aa0e701bd5d3568d844dd514b86b7e44a28728fa59b9
7bcf1d211cf794d5cb41cbdd04a5c01f4f970b358ebef3cc12d2de1813cc7790
7c7c20cc79b1f1345358992d48d63d8472e531741ce03d2cd67e4bed90677b11
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84346d3059aaa7b1ce9b20d8b77241a15f2e1689706288a47ece88da9c247a51
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865de4cfa5e42ddb0e0c3ddba2ced28a31786a76ed314a8d32d18d40aeff50d3
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8e1c678764d16a66f783dfd8bee93916cf2b055635cef0362bc0640b610df5b5
8fed0359a978607741335672c13815cef49036c52f9d3c3173d365840a967ccb
90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13
90f3c1071d01fb1f0089882de820cd3f5b8ff390b2dbc4073529661ce4537700
9157fcba73ee03ecc7c33bdd10f63e86415579b42803172c8658f028ab51d76f
965d37dc5afc6a5a4d824d226c553e288ba75074d7a35cd4168ceb8f4cff2b70
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9c98daf8d26c8e708db6dc18155905f5721033ab2305a506abaa512142e2d017
a327dd68a2d5d871a5a61e0c037a996fa5717fc8b36d5f408ec8ae6baf7ea6e4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a07e9d9c61a69066b6b44eca0f6065be24a01c4fcf5b2e4cfe3b765374cbb7
a6159cbe42fa1b0f45ec2a127447ba9c6fe2d257598f036a953129489d087bea
a8c623af847b4ff995381e96fa2216a93bc86d0a51060630e4ffe39ba4833567
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
b15218ef9e68883307bed0063b67e01b424962de9a7114b90fb1d480a2f4255b
b34b5f8c62763df4b14ac8364ae7022cfc2389be4a115bfd5a2cb5506ce41b79
b781a00b78172f2cbdd9cfa59267995d63dc58843485f3615f359473af7fa892
bbbd24e6f679792d638ed1936137c274734e6f49ac18c0b061ca5b881b35e712
bbfa21ad70a272eba0af55ed98a6cbfe77d64d776db15923d9cd657c575b08b7
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c0474aacdad3f260537a899d75473b2aa2c57a6e8e06d9d54dc8d48b04eb6e2b
c0558ba8e8248bb07e17b752d1bb1ff0ab7f968ff6bb98627c0eb6d72341600c
c0e1496a92d5756e5d4da2993d5bf9af1d22fdf9afef1a830b044f9bee4bbc0e
c14a8290acb46be64049515cd5e3f390cfc0b024ed8315ec7e103bb31d0080b6
c48439840a6f099fbde5e8748c61d4075a8e7e13e49ac988adb9948b7092fe55
c5cc2e992e4dd4246298ffb76467bc1f472fd51b84520b0511ee9039acccd462
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca37bf1c015f6ec3fe5202b335909d309c3f599e98f29810c1fff90451fb1fda
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747
d7f5a2237378e5eaf84868d9c942e436f597f1c048febc6b6f408b7a58f75e98
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dd0103b71a9f800bf8509fb3f34f29a1af4b26a10ceef71cea5bb29ae4ea106d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc528655b5de94900627202f9086bba305c4694d287e53c33dde5a0268d2128
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66b3b8c27a5ece43822021188862fb58cb9c0f52a41067c295aef2fb1e109a0
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef03f63a0106ccde3a73f60cd35749028cbcb6194808a938ef1f94722b7a084b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c4e5ffb84f98caaa33a1ccdfe81fe0a6d76c025cebf712fbcd3199e28f0031
f1d0b1a9de0c9552e3fa4072ae4007a3a98a1855fc2736dd46dacaf121441eed
f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86
f32d851a5b7b53cc0a1aa6ab7370cb2a2410cef2c684975c2f455afe41b95958
f428c70f9c44b85e588dfda4010ed32d334147bc386829f3f5579f31c6b05008
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f8c3bc6b4612e018296f32dec014b0e8d4c8ef0c7ff449f26a28b641d3497da1
fb2822d278051ae981b2652bb06e8b3fe430ba1d5f803ae07c9a0580e6a7588c
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fc17f752e8183cb838ca919178b800f3649b392d8a838721f4c2fae2679b4c25
fd1d4467ce25ac23eb090a623e648c0b760890aa9b29e12cf6a7bb6fb2143385

www.scmagazine.com Open in urlscan Pro 2606:4700:20::681a:3d7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

172 Requests

100 %HTTPS

57 %IPv6

24 Domains

38 Subdomains

36 IPs

5 Countries

3901 kBTransfer

6860 kBSize

10 Cookies

12 Outgoing links

Page URL History

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.scmagazine.com Open in urlscan Pro
2606:4700:20::681a:3d7 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

100 %
HTTPS

57 %
IPv6

24
Domains

38
Subdomains

36
IPs

5
Countries

3901 kB
Transfer

6860 kB
Size

10
Cookies

172 HTTP transactions
5 data transactions