www.infosecurity-magazine.com Open in urlscan Pro
3.168.102.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Submission: On December 16 via api (December 16th 2024, 2:13:59 am UTC) from TR — Scanned from US

Summary HTTP 109 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 27 domains to perform 109 HTTP transactions. The main IP is 3.168.102.22, located in United States and belongs to AMAZON-02, US. The main domain is www.infosecurity-magazine.com. The Cisco Umbrella rank of the primary domain is 484581.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 4th 2024. Valid for: a year.

This is the only time www.infosecurity-magazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	3.168.102.22 3.168.102.22	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	2600:141b:1c0... 2600:141b:1c00:8::1728:b335	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
9	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b337	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
5	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	2600:141b:1c0... 2600:141b:1c00:6::17df:d105	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2a03:2880:f00... 2a03:2880:f00e:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1 6	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
1	54.147.65.197 54.147.65.197	14618 (AMAZON-AES) (AMAZON-AES)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::9d	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	54.242.160.112 54.242.160.112	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	68.67.181.248 68.67.181.248	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	44.196.77.126 44.196.77.126	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f10... 2a03:2880:f10e:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
109	34

12 3.168.102.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-22.jfk52.r.cloudfront.net

www.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:1c00:8::1728:b335 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b337 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:6::17df:d105 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00e:13:face:b00c:0:3 (Toronto, Canada)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:824::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.147.65.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-65-197.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.242.160.112 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-160-112.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.248 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.196.77.126 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-77-126.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	270 KB
19	googlesyndication.com 266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 173 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	245 KB
12	infosecurity-magazine.com www.infosecurity-magazine.com — Cisco Umbrella Rank: 484581 assets.infosecurity-magazine.com — Cisco Umbrella Rank: 758667	186 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	215 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 www.linkedin.com — Cisco Umbrella Rank: 676 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	5 KB
7	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1917 in.ml314.com — Cisco Umbrella Rank: 13563	15 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	128 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	444 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	93 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1141	2 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 10483	996 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 476	835 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	40 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 623	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 991	393 B
1	t.co t.co — Cisco Umbrella Rank: 904	628 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1016	16 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	305 B
109	27

	Domain	Requested by
14	securepubads.g.doubleclick.net	www.infosecurity-magazine.com pagead2.googlesyndication.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
9	cdn.cookielaw.org	www.infosecurity-magazine.com
9	www.infosecurity-magazine.com	www.infosecurity-magazine.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net
6	ml314.com	1 redirects www.infosecurity-magazine.com
5	px.ads.linkedin.com	3 redirects www.infosecurity-magazine.com
5	www.googletagmanager.com	www.infosecurity-magazine.com www.googletagmanager.com
4	www.google-analytics.com	www.infosecurity-magazine.com
4	www.google.com	www.googletagmanager.com www.infosecurity-magazine.com
4	use.typekit.net	www.infosecurity-magazine.com use.typekit.net
3	ps.eyeota.net	2 redirects www.infosecurity-magazine.com
3	td.doubleclick.net	www.infosecurity-magazine.com
3	assets.infosecurity-magazine.com	www.infosecurity-magazine.com
2	ep2.adtrafficquality.google	www.infosecurity-magazine.com
2	bam.eu01.nr-data.net	www.infosecurity-magazine.com
2	googleads.g.doubleclick.net	1 redirects www.infosecurity-magazine.com
2	www.facebook.com	www.infosecurity-magazine.com
2	ib.adnxs.com	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	dpm.demdex.net	1 redirects www.infosecurity-magazine.com
2	connect.facebook.net	www.infosecurity-magazine.com
2	snap.licdn.com	www.infosecurity-magazine.com
2	cdn.jsdelivr.net	www.infosecurity-magazine.com
1	ep1.adtrafficquality.google	www.infosecurity-magazine.com
1	js-agent.newrelic.com	www.infosecurity-magazine.com
1	px4.ads.linkedin.com	www.infosecurity-magazine.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.infosecurity-magazine.com
1	www.googleadservices.com	www.infosecurity-magazine.com
1	analytics.twitter.com	www.infosecurity-magazine.com
1	t.co	www.infosecurity-magazine.com
1	in.ml314.com	www.infosecurity-magazine.com
1	static.ads-twitter.com	www.infosecurity-magazine.com
1	266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com	www.infosecurity-magazine.com
1	geolocation.onetrust.com	www.infosecurity-magazine.com
1	p.typekit.net	use.typekit.net
109	39

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
x.com
www.linkedin.com
privacy.reedexpo.com
privacy.rxglobal.com
support.google.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.infosecurity-magazine.com GlobalSign RSA OV SSL CA 2018	`2024-09-04` - `2025-10-06`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-10` - `2026-01-10`	a year	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-24` - `2024-12-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
event-horizon.gcp.bomm.in WR3	`2024-12-15` - `2025-03-15`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2024-09-14` - `2025-10-11`	a year	crt.sh
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
*.googleadservices.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-07-11`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Frame ID: C13805A11A2999A565C4D1C643263009
Requests: 77 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: F21D4FA9FDD93CD149E882E617D0A457
Requests: 1 HTTP requests in this frame

Frame: https://266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 394F41279CE67322B0F1D4730299F998
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.infosecurity-magazine.com
Frame ID: 5D8E56A4A6ED6D4A24C562264826D801
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEWbD3C8puGN7lR-t7umjPHynGlRgVR_L-k5d3Kn2TVdPoA9BuG-TfN-fpKLCM6JP3iMVjDggPk7_c3_rA5KjqVB8uEgXBU1jQSdPRtvCtJrY9gv1cRhyhpWuJ6cMUcDsrPdNSP-PPJmKU_aqHUWMBH4sOAcANxRsVlWEhOivem7F3lzDJaQWjEare5qVUSWOBBURDt2UsbdSG1gauS1Yq3PX9W6qLv7Z_H5i86nVj7VMEXrmaSnRFFvU8d6JT4HrO4RhY6M1Hm_nYxDTBF54KZhNF1nhyvNJoSSZrQ9a9fNrSk52i1wAOPaB3YeAhSc6ZHucAoION2gUT8QtefIr-zjkqdUrQnoc5xksoFAI4hYJ8FRrR9fhXd39glAm4bkebYe7eQetwgTg3ScPSxXJ7WZrHoa416bQg8OhEuM4gLzrdg1-F-6C4Yi_h2x8Pv4GYDxeDwy2FJdv1xw&sai=AMfl-YT0ssxYhseASUO0Nny08ymYKH5syqSRnHL3fWXkr2PyFOj74WugQyYcqwMCSmQwfuaqEtM-JADlAh3aGBUwg2NBzeEhq97CW25LytDyu0XNOEC_oL1BpgftBzj-n2sD988EgyyXujQEFCtYipM9&sig=Cg0ArKJSzDHIfC3A7vFXEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 426A7A46A73D11009BA447F5C940290F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGSaalcU73aokbrknDCr3JGTidEvJ6-GLD4FV9ds6NkXBscrvwSS0q-0Zv_mbemv-aBQxcyuRgUtcfPvUYwzJlDx33jfoQqR_wBYsjwj2Oi8_M_H5cc6Ag1hN5z5Jds15ipNJlTSWhPdUb3MbiJVaslt4VtIZuVY4H0RlcglcQ0FwnX8O7cBxBcJKVWedx4PesENr6bDGf46mpEkH08GtZRhMQGpH3hBHOhtXgpuvjPuSkAevNJHxKPFL7kAerdjZtJ6SgB650r_YlFq-NtANj4YeqaqdNdGMveOxGSGIQrJz4wC2dZ968fi_MSsB0aCMhWCtC8fVrR7-TH_JXC2oy7Qw0dH9I_-YCyrLNCT_dqAtc4geMB75vCPsKXKFPOwsHeakD0mhB5VhtPHvESe9fqAyGRUhKWxez9U5I5CaJL-UH26_2-wpRMQNTOcvR6gpW5Nmd5MoyGTAJLg&sai=AMfl-YS2fqTW0cxWqv2M4aNEC8WdNteMWQQPuqZ8sLiiz4Cz_qCz-s2OrIH0n52s6VM3VQHE8CaBzNYEL8v42bkqREg4Yw0vLrGxXPTqAFVy_8msaIaXQNsj9baNdNnSow6FPjoAmZqdZccQXthaiTmD&sig=Cg0ArKJSzHLCXLDK5KcsEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E55E9D555B7A05A94A586A459254F5D4
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOLLouBM-eaE1TCKeLOKrCvvw8tdualaA3Dk6bG4M0hApGAK2N8PyynqWQ7FhYc0c7CPUIwBbtNaK8D6x04FG5blp6VfLL3sa_Ii5cL_62Y3BWrVFbJNXzcB5Dl6Tbr_r78a41O8IKhh_heeQPAkYMJYNm89JBgYm2GGnVgoycYqnOm3JFfCVM7J7iy_cHejKt0DzmodnYf-tFE-vQ4m8V2VY5saSYcKM0_yXnutzKlRN4aPOfkUlOtficqTFmc9RhaWy-eTDyacQSSdajD0sPKDXjTpumbGGPtwGTT3f1L9SV33FyfxZB0XugJBcySaeYkipL2r9pfKPMAEfDG6nYZudm6q809NKfh7lxjGXYkGBKlxhkY8Ry1HaOQbiGiezRBzwfZ2YyQOlnr-roArkCrFus54n1ntgqO4AE0ayHoO3XNSAYNdEMhs5z8PKsY5Jez-6iZyFCTtrr8A&sai=AMfl-YR23OYiHV1QwycP1jZE7sSUK67IRmJHIQCR0LAVoJ8tGRgUPPNwwbOiK0iYZj6d8gWgGMM9kNR4mpkJvfkSoqgh0PFqVov0JgPaGjp59_cI8B49rvHj75uataNjRgUSoFiJ7xSKGzKWDIP6FhOU&sig=Cg0ArKJSzMnJwGZ8pc1GEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C1A673E1A9DF59DB688DDF49E43D263A
Requests: 9 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/875375440?random=1734315233849&cv=11&fst=1734315233849&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: 599B4A018B216B50A433281FB458265D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-8VSXE5KKGM&gacid=335296838.1734315234&gtm=45je4cc1v898772242z878347448za200zb78347448&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1030360000
Frame ID: FDCDC0C3626F5B795B2C15A6C37C14A7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/875375440?random=1734315234168&cv=11&fst=1734315234168&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4B60374C69D1B3C391324F91D4E3579B
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 04C50334E79D913BF98532C2E88E5904
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9CE43A1F3D37AB50F5F975012C683A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2024 Sees Sharp Increase in Microsoft Tool Exploits - Infosecurity Magazine

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

109
Requests

93 %
HTTPS

61 %
IPv6

27
Domains

39
Subdomains

34
IPs

3
Countries

1686 kB
Transfer

4915 kB
Size

36
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/ReporterCoker
Title: Follow @ReporterCoker

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3a%2f%2fwww.infosecurity-magazine.com%2fnews%2fincrease-microsoft-tool-exploits%2f

Search URL Search Domain Scan URL

URL: https://x.com/intent/tweet?url=https%3a%2f%2fwww.infosecurity-magazine.com%2fnews%2fincrease-microsoft-tool-exploits%2f

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Infosecurity-Magazine/210560332330063

Search URL Search Domain Scan URL

URL: https://x.com/InfosecurityMag

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/infosecurity-magazine/

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.rxglobal.com/en-gb/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://support.google.com/admanager/answer/9012903
Title: Google Ad-Tech Vendors

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3649151541154152509&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3649151541154152509&redir=

Request Chain 79

https://idsync.rlcdn.com/395886.gif?partner_uid=3649151541154152509 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0OTE1MTU0MTE1NDE1MjUwORAAGg0I4pn-ugYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=10469d07f9f1ab5d8765b54538d51befbfef10a0631a974b68410d9e686728e9f4cb09cee1a4f8eb&person_id=3649151541154152509&eid=50082

Request Chain 80

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ee098646-d73a-42a9-8a20-a53aeb923c2d&gdpr=0&gdpr_consent=

Request Chain 81

https://ib.adnxs.com/getuid?https://ml314.com/csync.ashx%3Ffp=$UID%26person_id=3649151541154152509%26eid=2 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fml314.com%2Fcsync.ashx%253Ffp%3D%24UID%2526person_id%3D3649151541154152509%2526eid%3D2 HTTP 302
https://ml314.com/csync.ashx?fp=1268237498779862649&person_id=3649151541154152509&eid=2

Request Chain 82

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2cFs2LcsaaVZtmoKFDRQhItos_el55IzPtIIbK_0r6rI&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChEIgJn6ugYQxZDivP-Z15G-ARIdADhtPI7VM5-8FTbwkjqQkWMyeEpFNqBBqgK2K0w&pscrd=IhMIrJbH25urigMVFCGICR0orQIfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQlhDaEVJZ0puNnVnWVFzSi03cWFmSTB0Q0pBUkl0QVBKdkt5NnNNaFFuU2w4Q2drdzVaV0lPVENZS3NuOFZQN2xzTTNBZlVONjc5U3dOQ1I2LTFFbW9CSHNh HTTP 302
https://www.google.com/pagead/1p-conversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIrJbH25urigMVFCGICR0orQIfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQlhDaEVJZ0puNnVnWVFzSi03cWFmSTB0Q0pBUkl0QVBKdkt5NnNNaFFuU2w4Q2drdzVaV0lPVENZS3NuOFZQN2xzTTNBZlVONjc5U3dOQ1I2LTFFbW9CSHNh&is_vtc=1&cid=CAQSKQCa7L7d6KRZYjEy5QASwDdtviCw4TUITGWfNh1CGl4mzZeGyt-p7Ybz&eitems=ChEIgJn6ugYQxZDivP-Z15G-ARIdADhtPI5tVCty9CPPs_P6Xn5ODEp8xUy-TfY8qGo&random=404052772

Request Chain 92

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1734315234053%26li_adsId%3Dd0490701-5e4f-41b1-9d22-616c689e788f%26url%3Dhttps%253A%252F%252Fwww.infosecurity-magazine.com%252Fnews%252Fincrease-microsoft-tool-exploits%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQImwQ4h9nFcMwAAAZPNPlOgIo8gWagOqNiNps762fzV7p0nbgB7MLKmPRO4UiL0eLMo9tS4Cac37tsRCuacQgnOiKNuLg0

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/ 99 KB
26 KB 218ms
87ms Document
text/html 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

7db00738fa7c8cb87b3943e427f1cbf5daed460881a3634070dc53c69dd37b9a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
age: 284
cache-control: public, proxy-revalidate, max-age=300
content-encoding: br
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
content-type: text/html; charset=utf-8
date: Mon, 16 Dec 2024 02:09:09 GMT
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified: Sun, 15 Dec 2024 04:30:39 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
referrer-policy: same-origin
server: RX
vary: Accept-Encoding
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
x-amz-cf-id: NUmsU8UW2mGLyCTVqArZoZFCDI_4BZDaGkO6QEGmqG0BbjLLfoTmIw==
x-amz-cf-pop: JFK52-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge
x-xss-protection: 1; mode=block

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 103 KB
33 KB 50ms
26ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e954ef100514b913e55662c2a5a3737b3129822937e47908ad6effc9d3327aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 246 / 20073 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33423
x-xss-protection: 0
server: cafe

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.7.0/dist/ 85 KB
32 KB 33ms
3ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.7.0/dist/jquery.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"155a6-Wp7qw02G6S5WYOD0+HIE8e0Mj/Y"
age: 4564189
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230028-FRA, cache-lga21954-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32087
x-jsd-version: 3.7.0

GET
H2 200 underscore-min.min.js Show response
cdn.jsdelivr.net/npm/underscore@1.13.6/ 19 KB
8 KB 34ms
5ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/underscore@1.13.6/underscore-min.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"4d5b-1Barardb3Bq5uc0bP3wXZk8NDAQ"
age: 3707373
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230089-FRA, cache-lga21954-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8075
x-jsd-version: 1.13.6

GET
H2 200 phq8nwg.css
use.typekit.net/ 11 KB
1 KB 47ms
17ms Stylesheet
text/css 2600:141b:1c00:8::1728:b335
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/phq8nwg.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:8::1728:b335 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1297
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 base.min.css
www.infosecurity-magazine.com/_common/css/23080201/ 66 KB
10 KB 9ms
7ms Stylesheet
text/css 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/_common/css/23080201/base.min.css?v=23080201

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

content-encoding: br
etag: W/"9d79ff944229db1:0"
age: 77162
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: uu5AFX9BnBd3v0mMF7lJ6ofb9H5dGqe3JWaekhpK9tpjp8wHuS4yxQ==
date: Sun, 15 Dec 2024 04:47:51 GMT
content-type: text/css
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 14:06:28 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 article.min.css
www.infosecurity-magazine.com/_common/css/23080201/ 5 KB
3 KB 16ms
14ms Stylesheet
text/css 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/_common/css/23080201/article.min.css?v=23080201

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

content-encoding: br
etag: W/"d2a74d954229db1:0"
age: 59554
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: kKIsr4HpU2dMTx0f03ZKncWXTTeoi4j7DXADhP_Z0hCNog6PcshbBg==
date: Sun, 15 Dec 2024 09:41:19 GMT
content-type: text/css
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 14:06:28 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 79ms
41ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1BF06242194D
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 19904
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 02:13:53 GMT
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript
last-modified: Sat, 14 Dec 2024 03:35:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8f37caf0-301e-00c3-53d9-4d1ac9000000
cf-ray: 8f2b281f48a37271-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 727f1ba2-9922-4a3f-aed4-9c07051d2163.png
assets.infosecurity-magazine.com/content/span/ 17 KB
18 KB 119ms
94ms Image
image/png 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/content/span/727f1ba2-9922-4a3f-aed4-9c07051d2163.png

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

ee5433b01168a70ea302bd586815440586d5addb86e7676c2cb06dd5731b17fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=2764800
x-content-type-options: nosniff
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 17768
x-ua-compatible: IE=Edge
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 1; mode=block
content-type: image/png
x-amz-cf-pop: JFK52-P6
server: RX
x-amz-cf-id: b7W-4SYwwv1fH3AnDMYDEgN6uKLFMJhEMXFlpIHX9TWmjcq8ykgItg==
x-frame-options: SAMEORIGIN

GET
H2 200 ism.js Show response
www.infosecurity-magazine.com/_common/js/23080201/ 5 KB
3 KB 14ms
13ms Script
application/javascript 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/_common/js/23080201/ism.js?v=23080201

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

content-encoding: br
etag: W/"6a124d46ac6d91:0"
age: 67230
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: _n22HUVI6m8OQ9k6ahUf6vHm08BGAYRC-YL9e--CobUrubqiVxPEFg==
date: Sun, 15 Dec 2024 07:33:23 GMT
content-type: application/javascript
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary: Accept-Encoding
last-modified: Thu, 03 Aug 2023 12:59:01 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 ism.ads.es5.min.js Show response
www.infosecurity-magazine.com/_common/js/23080201/ism/ 6 KB
3 KB 7ms
7ms Script
application/javascript 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.ads.es5.min.js?v=23080201

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

content-encoding: br
etag: W/"9afc29a04229db1:0"
age: 2640
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: NpVHuK3QfQBtwuIHv0uKJl0vYF2VSTlq3jvVuOW-QWdhVFXZgiZz0w==
date: Mon, 16 Dec 2024 01:29:53 GMT
content-type: application/javascript
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary: Accept-Encoding
last-modified: Mon, 28 Oct 2024 14:06:46 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 ism.whatshot.es5.min.js Show response
www.infosecurity-magazine.com/_common/js/23080201/ism/ 851 B
2 KB 7ms
6ms Script
application/javascript 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.whatshot.es5.min.js?v=23080201

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

etag: "478da9f4229db1:0"
age: 62539
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: FkEYDdnL_pUr06ShqeFhPjW6g2FM4X-C0N_CbxdzXvy-ki039t6xxg==
date: Sun, 15 Dec 2024 08:51:34 GMT
content-type: application/javascript
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified: Mon, 28 Oct 2024 14:06:45 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 851
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 34ms
4ms Stylesheet
text/css 2600:141b:1c00:8::1728:b337
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=phq8nwg&ht=tk&f=15982.15984.37450.16353.37464.37466.37515.37516.37517.37518.37519.37520.51838.51839.51840.51841&a=6157095&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b337 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=604800
etag: "6743207f-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/css
last-modified: Sun, 24 Nov 2024 12:47:59 GMT
server: nginx

GET
H2 200 6b575081-117f-49ba-bff7-347875107505.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/ 4 KB
2 KB 32ms
24ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452e848011addd295fb703e4160153e3d1b126765b6ec39529d4265b7370296d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: BgWvBP6Mp0YbPhlBiUL4iA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD153B1F13A9DB
age: 39819
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 17 Dec 2024 02:13:53 GMT
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/json
last-modified: Thu, 05 Dec 2024 14:43:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 59f5b538-c01e-00bb-5e24-47727e000000
cf-ray: 8f2b281faae3de96-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1576
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 337 KB
114 KB 67ms
45ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

096a248d914f3da68f3230ed3ae0bbb5406a167a8df720573fdea094a97ac1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 16 Dec 2024 02:13:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116037
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 492 KB
153 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 5395541545685299795
age: 31717
x-content-type-options: nosniff
expires: Mon, 15 Dec 2025 17:25:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 15 Dec 2024 17:25:16 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156760
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 216 B
131 B 26ms
25ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.infosecurity-magazine.com

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ceb249f42db7f411265a9c11e2ce10d063e2f3a6121505a19e3dd34cd3c55a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 106
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 53077635-763c-405f-a40e-cacd7b304381.jpg
assets.infosecurity-magazine.com/webpage/feat/ 99 KB
100 KB 95ms
95ms Image
image/jpeg 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/webpage/feat/53077635-763c-405f-a40e-cacd7b304381.jpg

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

ffa7a6f088ca5c5d0e99657677401d80754cced582b0e82681f8f4caf74d8a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=2764800
x-content-type-options: nosniff
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 101820
x-ua-compatible: IE=Edge
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
x-amz-cf-pop: JFK52-P6
server: RX
x-amz-cf-id: MEvO2Ja36Y_Qmctw_k7AiQvhdNUMLHkZMkkc39vOWi8Tqt_iCwkf6A==
x-frame-options: SAMEORIGIN

GET
H2 200 l
use.typekit.net/af/73dbad/00000000000000007735a197/30/ 24 KB
24 KB 37ms
18ms Font
application/font-woff2 2600:141b:1c00:8::1728:b335
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/73dbad/00000000000000007735a197/30/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b335 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.infosecurity-magazine.com
Referer: https://use.typekit.net/phq8nwg.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "550ca47a88a465c010c13a8c017f04a91a75a9a4"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 24168
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/32b0e4/00000000000000007735a185/30/ 44 KB
45 KB 42ms
24ms Font
application/font-woff2 2600:141b:1c00:8::1728:b335
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/32b0e4/00000000000000007735a185/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b335 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.infosecurity-magazine.com
Referer: https://use.typekit.net/phq8nwg.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "dead750a1d4bc579636464295fb9e45aa84c4884"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 45468
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 l
use.typekit.net/af/2180b4/00000000000000007735a193/30/ 23 KB
23 KB 41ms
23ms Font
application/font-woff2 2600:141b:1c00:8::1728:b335
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2180b4/00000000000000007735a193/30/l?subset_id=2&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b335 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.infosecurity-magazine.com
Referer: https://use.typekit.net/phq8nwg.css

Response headers

cache-control: public, max-age=31536000
timing-allow-origin: *
etag: "d42a9fe146eae2c4c65475dbd44806c5aed58d8b"
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23312
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/font-woff2
server: nginx

GET
H2 200 32483240-27a8-4f36-ac60-9d465c05a5d5.jpg
assets.infosecurity-magazine.com/s3/infosec-media/images/profile/ 1 KB
2 KB 7ms
6ms Image
image/webp 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/s3/infosec-media/images/profile/32483240-27a8-4f36-ac60-9d465c05a5d5.jpg?width=64&height=64&mode=crop&scale=both&format=webp

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

d41d86d112c46e55250f324d33d2d4401c540d9ac8087befc156e931a777f5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 1238636
x-content-type-options: nosniff
expires: Thu, 02 Jan 2025 18:09:57 GMT
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: JHSnss8_tg0MhTBWuFlimcvuhQe_fV4GmU3dY9NcYho8RgTb6bnWbA==
date: Sun, 01 Dec 2024 18:09:57 GMT
content-type: image/webp
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public
x-aspnet-version: 4.0.30319
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
content-length: 1292
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
305 B 76ms
40ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f2b28205ca2438b-EWR
access-control-allow-origin: *
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
www.infosecurity-magazine.com/account-buttons/ 240 B
2 KB 205ms
204ms XHR
application/json 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/account-buttons/?time=1734315233300

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: Vg8GV1ZVCxACUFBSAgMEV1c=
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiNzg0MGIyZTAzNzRlZjczOSIsInRyIjoiMWU4ZWFmYmEwNWE0NmFlZjJmNWNlNGQxMmQ3YzUxMTQiLCJ0aSI6MTczNDMxNTIzMzMwMn19
traceparent: 00-1e8eafba05a46aef2f5ce4d12d7c5114-7840b2e0374ef739-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
tracestate: 2916063@nr=0-1-2916063-322535572-7840b2e0374ef739----1734315233302

Response headers

x-content-type-options: nosniff
access-control-allow-methods: *
expires: -1
x-cache: Miss from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: jlwTQJ71JDOTmbsS4wujMXo_0J9Ipmcq1_E2R6LBS-oMIaSGf9iyiA==
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/json; charset=utf-8
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
cache-control: no-cache, no-store
pragma: no-cache
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
content-length: 240
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 / Show response
www.infosecurity-magazine.com/nav/mobile/ 4 KB
2 KB 77ms
77ms XHR
text/html 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/nav/mobile/

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: Vg8GV1ZVCxACUFBSAgMEV1c=
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiMjgwM2M5NDljNzg3OTc1NCIsInRyIjoiODIwNDQyNzE4NWIxMjhjNDRjNDdmOWMzNWI0YmYxMzMiLCJ0aSI6MTczNDMxNTIzMzMwM319
traceparent: 00-8204427185b128c44c47f9c35b4bf133-2803c949c7879754-01
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
tracestate: 2916063@nr=0-1-2916063-322535572-2803c949c7879754----1734315233303

Response headers

content-encoding: br
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Miss from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: 83JtrW_rgGov-ZduN5Ayn4SS65Xm9cBkV-3d5rlJpegwqdILwpR48A==
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
cache-control: private
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame F21D 0
0 24ms
5ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 01:47:48 GMT
expires: Mon, 16 Dec 2024 02:37:48 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 64ms
63ms Fetch
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1878746388259180&correlator=2054353379809527&eid=95345000&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cincrease-microsoft-tool-exploits&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734315233386&lmt=1734237039&adxs=436&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&vis=1&psz=1600x50&msz=728x50&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734315233119&idt=192&cust_params=topics%3DIdentity%2520Access%2520Management%252CMalware%252CNetwork%2520Security%252CRisk%2520Management%252CResearch%2520Reports%252CRisk%2520and%2520Vulnerability%2520Assessment%252CVulnerability%2520Management%252CRansomware&adks=495710379&frm=20&eoidce=1&td=1&egid=48793&tan=4d96dde0-3a1e-4936-90b6-3fef8b8fb549&tdf=2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f789e6c6729794e2a53822e32fb5eda0da82e5e6b8189919dbab32df09fb554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
google-lineitem-id: 6865662437
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138500389700
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.infosecurity-magazine.com
content-length: 19989
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 60ms
59ms Fetch
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1878746388259180&correlator=2696293939904491&eid=95345000&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cincrease-microsoft-tool-exploits&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734315233394&lmt=1734237039&adxs=1046&adys=760&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&vis=1&psz=364x329&msz=300x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734315233119&idt=192&cust_params=topics%3DIdentity%2520Access%2520Management%252CMalware%252CNetwork%2520Security%252CRisk%2520Management%252CResearch%2520Reports%252CRisk%2520and%2520Vulnerability%2520Assessment%252CVulnerability%2520Management%252CRansomware&adks=3125356031&frm=20&eoidce=1&td=1&egid=48793&tan=4d96dde0-3a1e-4936-90b6-3fef8b8fb54a&tdf=2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a78a609f147a476981e2e83ff8e32cfb67c76636fa210756e22ac8f4eaf116b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
google-lineitem-id: 6865662437
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138500389439
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.infosecurity-magazine.com
content-length: 19986
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 74ms
73ms Fetch
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1878746388259180&correlator=1225066222465108&eid=95345000&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cincrease-microsoft-tool-exploits&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734315233398&lmt=1734237039&adxs=436&adys=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&vis=1&psz=1600x50&msz=728x50&fws=512&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734315233119&idt=192&cust_params=topics%3DIdentity%2520Access%2520Management%252CMalware%252CNetwork%2520Security%252CRisk%2520Management%252CResearch%2520Reports%252CRisk%2520and%2520Vulnerability%2520Assessment%252CVulnerability%2520Management%252CRansomware&adks=266191940&frm=20&eoidce=1&td=1&egid=48793&tan=4d96dde0-3a1e-4936-90b6-3fef8b8fb54b&tdf=2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5cb4e798c6fb342c8465e8788e1b32fb84f2b1fd3d09a6e13ff390a49e915ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
google-lineitem-id: 6865662437
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138500389700
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.infosecurity-magazine.com
content-length: 19993
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 394F 0
0 60ms
19ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 02:13:53 GMT
expires: Mon, 16 Dec 2024 02:13:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/ 462 KB
112 KB 24ms
24ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/otBannerSdk.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 8fF3bQBAtsTV4Scm1Tq+rA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141864E1A335
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 70164
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript
last-modified: Wed, 04 Dec 2024 04:01:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2371e7f4-d01e-0086-3f09-46c758000000
cf-ray: 8f2b2820ea777271-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 114429
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 51ms
26ms Ping
text/plain 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=294135734.1734315233&dt=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&auid=1087689695.1734315233&navt=n&npa=0&gtm=45He4cc1v78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734315233461&tfd=567&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 404 KB
131 KB 68ms
56ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9224efa39d020489a1c49dbe4e7afcf965f85e289d854ef0de008104dcd52b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 02:13:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 133651
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
4ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 5103
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:48:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 00:48:50 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 291 KB
100 KB 48ms
41ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-875375440&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c63e8c3d9cd69f3e1a48d5c08c6707364e426dd79730b2301c3997872c14c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 16 Dec 2024 02:13:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101791
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 50ms
8ms Script
application/javascript 2600:141b:1c00:6::17df:d105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=79528
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5114
date: Mon, 16 Dec 2024 02:13:53 GMT
last-modified: Wed, 11 Dec 2024 08:31:33 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 59ms
23ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-3jsylkU0' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-3jsylkU0' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4501, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: /OYqXiJ2KaP6/BKMSJMcPzlqLRoP3qGgOZFlu018LAfNsiFge6Hw0LVC7amWvnaUAG4L9T/xjMPGqwlyf4nm8g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 oct.js Show response
static.ads-twitter.com/ 57 KB
16 KB 62ms
11ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Mon, 16 Dec 2024 02:13:53 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 20:04:45 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200129-IAD
x-amz-server-side-encryption: AES256

GET
H2 200 tag.aspx Show response
ml314.com/ 38 KB
13 KB 31ms
7ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?15112024
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-encoding: br
age: 772
x-goog-stored-content-encoding: identity
x-cache-hit: hit
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 39162
date: Mon, 16 Dec 2024 02:01:01 GMT
last-modified: Wed, 24 Jul 2024 19:30:50 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC5cXnYvK0ZkSw1NNni5FJv5r649ZHGQ0ZoingzTQz2CngBlBuJJYxXC7ZTSmUyrSHLBb9S_JTk
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
cache-id: LGA-12baf686
accept-ranges: bytes
x-goog-generation: 1721849450340665
content-length: 12522
server: UploadServer

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 5D8E 0
0 22ms
2ms Document
text/html 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.infosecurity-magazine.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 221478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 13 Dec 2024 12:42:35 GMT
expires: Sat, 13 Dec 2025 12:42:35 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 426A 0
0 72ms
68ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEWbD3C8puGN7lR-t7umjPHynGlRgVR_L-k5d3Kn2TVdPoA9BuG-TfN-fpKLCM6JP3iMVjDggPk7_c3_rA5KjqVB8uEgXBU1jQSdPRtvCtJrY9gv1cRhyhpWuJ6cMUcDsrPdNSP-PPJmKU_aqHUWMBH4sOAcANxRsVlWEhOivem7F3lzDJaQWjEare5qVUSWOBBURDt2UsbdSG1gauS1Yq3PX9W6qLv7Z_H5i86nVj7VMEXrmaSnRFFvU8d6JT4HrO4RhY6M1Hm_nYxDTBF54KZhNF1nhyvNJoSSZrQ9a9fNrSk52i1wAOPaB3YeAhSc6ZHucAoION2gUT8QtefIr-zjkqdUrQnoc5xksoFAI4hYJ8FRrR9fhXd39glAm4bkebYe7eQetwgTg3ScPSxXJ7WZrHoa416bQg8OhEuM4gLzrdg1-F-6C4Yi_h2x8Pv4GYDxeDwy2FJdv1xw&sai=AMfl-YT0ssxYhseASUO0Nny08ymYKH5syqSRnHL3fWXkr2PyFOj74WugQyYcqwMCSmQwfuaqEtM-JADlAh3aGBUwg2NBzeEhq97CW25LytDyu0XNOEC_oL1BpgftBzj-n2sD988EgyyXujQEFCtYipM9&sig=Cg0ArKJSzDHIfC3A7vFXEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 426A 3 KB
2 KB 75ms
4ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 6567774568227038691
age: 47889
x-content-type-options: nosniff
expires: Sun, 29 Dec 2024 12:55:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 15 Dec 2024 12:55:44 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 426A 218 KB
67 KB 68ms
19ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 15965780714114583650
age: 1271
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:52:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 01:52:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2 200 3987499950302233422
tpc.googlesyndication.com/simgad/ Frame 426A 91 KB
92 KB 75ms
5ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3987499950302233422

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18112857f1e349075b55369c6789129b8e7e9ba4be9e6e6d67fa36ebe89351b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 221881
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 12:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 13 Dec 2024 12:35:52 GMT
last-modified: Mon, 09 Dec 2024 10:08:57 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 93626
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E55E 0
0 69ms
67ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGSaalcU73aokbrknDCr3JGTidEvJ6-GLD4FV9ds6NkXBscrvwSS0q-0Zv_mbemv-aBQxcyuRgUtcfPvUYwzJlDx33jfoQqR_wBYsjwj2Oi8_M_H5cc6Ag1hN5z5Jds15ipNJlTSWhPdUb3MbiJVaslt4VtIZuVY4H0RlcglcQ0FwnX8O7cBxBcJKVWedx4PesENr6bDGf46mpEkH08GtZRhMQGpH3hBHOhtXgpuvjPuSkAevNJHxKPFL7kAerdjZtJ6SgB650r_YlFq-NtANj4YeqaqdNdGMveOxGSGIQrJz4wC2dZ968fi_MSsB0aCMhWCtC8fVrR7-TH_JXC2oy7Qw0dH9I_-YCyrLNCT_dqAtc4geMB75vCPsKXKFPOwsHeakD0mhB5VhtPHvESe9fqAyGRUhKWxez9U5I5CaJL-UH26_2-wpRMQNTOcvR6gpW5Nmd5MoyGTAJLg&sai=AMfl-YS2fqTW0cxWqv2M4aNEC8WdNteMWQQPuqZ8sLiiz4Cz_qCz-s2OrIH0n52s6VM3VQHE8CaBzNYEL8v42bkqREg4Yw0vLrGxXPTqAFVy_8msaIaXQNsj9baNdNnSow6FPjoAmZqdZccQXthaiTmD&sig=Cg0ArKJSzHLCXLDK5KcsEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame E55E 3 KB
0 36ms
36ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 6567774568227038691
age: 47889
x-content-type-options: nosniff
expires: Sun, 29 Dec 2024 12:55:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 15 Dec 2024 12:55:44 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E55E 218 KB
0 30ms
30ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 15965780714114583650
age: 1271
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:52:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 01:52:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
H2 200 14807556918793490054
tpc.googlesyndication.com/simgad/ Frame E55E 83 KB
83 KB 40ms
10ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14807556918793490054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 216798
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 14:00:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 13 Dec 2024 14:00:35 GMT
last-modified: Mon, 09 Dec 2024 10:08:14 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 85268
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C1A6 0
0 75ms
73ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOLLouBM-eaE1TCKeLOKrCvvw8tdualaA3Dk6bG4M0hApGAK2N8PyynqWQ7FhYc0c7CPUIwBbtNaK8D6x04FG5blp6VfLL3sa_Ii5cL_62Y3BWrVFbJNXzcB5Dl6Tbr_r78a41O8IKhh_heeQPAkYMJYNm89JBgYm2GGnVgoycYqnOm3JFfCVM7J7iy_cHejKt0DzmodnYf-tFE-vQ4m8V2VY5saSYcKM0_yXnutzKlRN4aPOfkUlOtficqTFmc9RhaWy-eTDyacQSSdajD0sPKDXjTpumbGGPtwGTT3f1L9SV33FyfxZB0XugJBcySaeYkipL2r9pfKPMAEfDG6nYZudm6q809NKfh7lxjGXYkGBKlxhkY8Ry1HaOQbiGiezRBzwfZ2YyQOlnr-roArkCrFus54n1ntgqO4AE0ayHoO3XNSAYNdEMhs5z8PKsY5Jez-6iZyFCTtrr8A&sai=AMfl-YR23OYiHV1QwycP1jZE7sSUK67IRmJHIQCR0LAVoJ8tGRgUPPNwwbOiK0iYZj6d8gWgGMM9kNR4mpkJvfkSoqgh0PFqVov0JgPaGjp59_cI8B49rvHj75uataNjRgUSoFiJ7xSKGzKWDIP6FhOU&sig=Cg0ArKJSzMnJwGZ8pc1GEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 14807556918793490054
tpc.googlesyndication.com/simgad/ Frame C1A6 83 KB
0 1ms
1ms Image
image/png 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14807556918793490054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 216798
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sat, 13 Dec 2025 14:00:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Fri, 13 Dec 2024 14:00:35 GMT
last-modified: Mon, 09 Dec 2024 10:08:14 GMT
content-type: image/png
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 85268
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame C1A6 3 KB
0 3ms
3ms Script
text/javascript 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 6567774568227038691
age: 47889
x-content-type-options: nosniff
expires: Sun, 29 Dec 2024 12:55:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Sun, 15 Dec 2024 12:55:44 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1234
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C1A6 218 KB
0 4ms
4ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 15965780714114583650
age: 1271
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:52:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 16 Dec 2024 01:52:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69026
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 426A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6ed867e253e82c175bf97ee695d335978bf2635bbd6b264fca42d8eac2d3dcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E55E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b570a72b43aa0855fd437935fa38042bf4f6e985483e2e26211783bac0531626

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C1A6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cc1da126da93f4118899507e51e185b3f58c70557991f1a5015dd3143927a73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/ 82 KB
17 KB 22ms
21ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/en.json

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01363ea36a461108817250e3608c09dffd0058064fbc26a27d446d6a32ad2142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: wKF6ksed7FU3s12pfatXAA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD153B22220E9A
age: 40065
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 17 Dec 2024 02:13:53 GMT
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/json
last-modified: Thu, 05 Dec 2024 14:43:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 5df5f9cf-a01e-0082-5e24-4732da000000
cf-ray: 8f2b28223872de96-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17586
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1A6 0
0 76ms
75ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C1A6 0
0 66ms
66ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8QqVeU11nabGPcr7PGdp4C6yqDkBLCW47ntYiDWDckdfmh0q9HB9HXW-_mt5M_hDJ_pvAxIWl3rWI4rzfzpfFis6gMTUmuf69ijFdS9ALzWXHsYGbjIGrVax7xgpJA1IQSAlnz7PQwYdfJ1EDPnZs5u3gThZ7S2ZezMXF7l3kuylF2HXtxKpcuisYK9bOFzLxkDX-Pv2Es_RumQXPmc82SUrfoiduu-Vs-vc7MlUzqekjXcuYIBnP61vrjBN-Exi_SMmG74RQKTaFnuuzpLOmNRNHH5MjgzZTMhaIiFfgcrEws-ly1aSpJrmKatCWHKLIEmWGgmNc0O0GVmoNgHdCslpvMu1cQMsz-doyos2V7S9-9lR0_VZnAsvVjRXIqT7p7TUBiy18iz2lxAbVKmT-fUGNw_T7pbSBywrBUvV4t0sbVXkfxT1ZFG08WjszLwNzYA7oM7Wgt_xERc4Q&sai=AMfl-YRMYTVfwvZ61D2cMu4Xk26q0VefPBaDsftp8sxesNF--paClMbH3qSupZCSrNor66JlKyYhxeUGymW4gUIZmVGs7vKxiNyHprn7bIbj8Ec8nmEjml9BZxXJf11KmzzamDTNIP9e0tSkygZxo0CP&sig=Cg0ArKJSzNS0T1DtTyGKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E55E 0
0 116ms
71ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E55E 0
0 67ms
66ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseoHzQm7IF0ZX1-HzqsuqJnWFEY3b3c_Bz9FOfb3VUzboKJA0TiK9Brq-mesSHPZCJd_3nLYMnAoblsBZ6n8R8YVuYa0tZGnfApJThFXEe_r7DcAZCtCwAf10Hs6DjQyDKONJO5QYzpUm12IrG36Mk7vmKlqf_hLY3qyLZbjsQO7N539EDUUnnAo53RBhNXWhX77CC4Vt2ToeUzw-yvZIRGc-A_hRpvbuNpkGMOmiAhbX-v0a9Qu4WNAMVnRBQ8km_hYxxDd2JCdxoyK_qfgIrF9eeJnXIteTRFhpM-43zFWZDaajiHXAQxSJ4KZ-f3mDMxAqPSvV6ZkAfjH00teiK0XzRk14TB9ikVLj6OQEYjaDIoqEkmf68Wmn8Mz5-912Rpo2Vxwi3il1g3rO1dy1l17p0dJiug-_SFR-Izk9GRGuMefn1C7BUqRCzHrvPpa-pZ_YGxekOb1DufmkA&sai=AMfl-YRCHkU-azH4B7BUU0viN1tpLYzc2LVKxD0HD_gHAwuLcA1EXrWRms69w6yTu-DsvYp0NLq8Za1FMDNXmXx8xwQ60JvCL39zbup4qeuboPy_04AChdTc-isaBBwxdcG7QfKV1Zw_rS3egaZ18Ngw&sig=Cg0ArKJSzBAV_WPEaCaZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 426A 0
0 158ms
64ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 426A 0
0 69ms
68ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQrQM2tQIz38XEX2O_IoQnv6yaXQnIcPjSp4EmN7xqyMhfj5cNFPVjHhOdju6wRBQ_UwTUrpZFrOo2JrTbzIaDiin-G7Qesyp4RDJUbVJEgaJbZ9HFVqKI3g-_pk-WMn2YI-GSl9m8zM4il2tRqEpKoXsi4VEcWBIG_gnEZhCIaTNhtp-Sb0Dj9NeouXxPOuGX6O_0hO6gSC7htkebr7y507zJO1JybWKVAlkrHRD5GEdJwdI2YZu7NHPKjgcVmWz8MA4p4eNCyqgoh10ybEh3vucblrTEQGbKNSq_3ohLXNFqgwYvWRNUR7Ci4T82koi2h9Q7WzQUEDEU0jiN7ntRpexfVPkqwLvtTFbtPqVF5hKh01v9lH8U_6mtEyhpeCsNgQIQSticx0n4sLqqOeUnEnVvEIF67aIRYf1A7NgvnHRKcVcG78J_p7NFf0CFqPAaisF6nFKUxLxnwH48&sai=AMfl-YQnHCp0eTEWiWJnZmQ2T2C4ShpQXAaDnjHLZPcwqP12CJZC-Wf_1AZJInitvqPJDg0cFg4C2pP4JKlaVyXgqeBwsBrdURWWtaZ_waafe0ExYzlfQfzVEQf387uPzx5U6olShnFrfCiDrijIof20&sig=Cg0ArKJSzHAmEv1bpB16EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:53 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 utsync.ashx Show response
ml314.com/ 641 B
1 KB 29ms
27ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81370&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&pv=1734315233755_3jnl88ood&bl=en-us&cb=2670804&return=&ht=&d=&dc=&si=1734315233755_3jnl88ood&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 280e9bdb030f093750d0780f9729e06b42bb75526185f3f11f402d9f390e7eef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 google
expires: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript
server: Google Frontend

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 36 B
497 B 147ms
69ms Script
application/javascript 54.147.65.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=15112024&v=2.7.4.212
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.65.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-65-197.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 46641a3cd4c211689f3110382ceb957dee3e6bddcd1984191eea9b7905381975

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: public
X-AspNet-Version: 4.0.30319
Content-Encoding: gzip
Connection: keep-alive
Expires: Tue, 17 Dec 2024 02:13:53 GMT
Content-Length: 153
Date: Mon, 16 Dec 2024 02:13:53 GMT
Content-Type: application/javascript; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
369 B 20ms
19ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1727725703&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&ul=en-us&de=UTF-8&dt=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=914733508&gjid=1778211698&cid=335296838.1734315234&tid=UA-7632735-1&_gid=921443898.1734315234&_r=1&_slc=1&gtm=45He4cc1n81MJ69SWFv78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=76650816

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
407 B 4ms
3ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1727725703&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&ul=en-us&de=UTF-8&dt=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAACAAI~&jid=&gjid=&cid=335296838.1734315234&tid=UA-7632735-1&_gid=921443898.1734315234&gtm=45He4cc1n81MJ69SWFv78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=158577398

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 17060
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 21:29:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 7ms
6ms Script
application/javascript 2600:141b:1c00:6::17df:d105
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:6::17df:d105 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=65960
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14634
date: Mon, 16 Dec 2024 02:13:53 GMT
last-modified: Tue, 26 Nov 2024 13:42:26 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 adsct
t.co/i/ 43 B
628 B 173ms
144ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=1&event_id=39decc7c-07e7-49dc-a23c-a8af4504a58f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c3a77627-9052-475c-829f-9725079aa762&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.31

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=0
x-transaction-id: 51c94816d2339772
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e562add0bd99a188b82823c3ef121181ab0e63a36bfb6c3f5c262f04526055b3
cf-cache-status: DYNAMIC
cf-ray: 8f2b282379d18c05-EWR
x-response-time: 79
content-length: 43
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 118ms
40ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=1&event_id=39decc7c-07e7-49dc-a23c-a8af4504a58f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c3a77627-9052-475c-829f-9725079aa762&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.31

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: abe44c1b57f59fa3
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0741b7b200ee7a90bbc4e55f72cfa46efd9e7b2b8685ffe4377c674ee2789055
x-response-time: 5
content-length: 43
date: Mon, 16 Dec 2024 02:13:53 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H3 200 580638648955413 Show response
connect.facebook.net/signals/config/ 79 KB
16 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f00e:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580638648955413?v=2.9.179&r=stable&domain=www.infosecurity-magazine.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f66cf25254aed9cc93405fb52c07e6750328dcc77551074c82679bf26ec07cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-Bke1XGme' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-Bke1XGme' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=77, mss=1232, tbw=71321, tp=67, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: vsyiSd6wTVi1b/lTyfMLADF6u/oLbKI+bz5GwrZ1qqdHtYv3ZfY9rq773eSJ/CDL0tdfY9JOYVcJZbYKgsw75Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 16264
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/875375440/ 5 KB
3 KB 50ms
27ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/875375440/?random=1734315233849&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

88e7cd943a41e8e3e5a4d4bc899054269088171ffb14c6008dc8c32fe6776310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2645
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 875375440
td.doubleclick.net/td/rul/ Frame 599B 0
0 45ms
28ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/875375440?random=1734315233849&cv=11&fst=1734315233849&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 02:13:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1A6 0
0 66ms
66ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E55E 0
0 131ms
64ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 426A 0
0 194ms
66ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
0 42ms
18ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8VSXE5KKGM&gtm=45je4cc1v898772242z878347448za200zb78347448&_p=1734315233221&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=335296838.1734315234&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734315233&sct=1&seg=0&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&dt=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&en=page_view&_fv=1&_ss=1&tfd=1053
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
564 B 47ms
19ms Ping
text/plain 2607:f8b0:4004:c21::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VSXE5KKGM&cid=335296838.1734315234&gtm=45je4cc1v898772242z878347448za200zb78347448&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame FDCD 0
0 23ms
23ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-8VSXE5KKGM&gacid=335296838.1734315234&gtm=45je4cc1v898772242z878347448za200zb78347448&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1030360000

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 02:13:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
312 B 69ms
33ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0C0B2DA3A7474A9290329A1007F8E5A5 Ref B: EWR30EDGE1015 Ref C: 2024-12-16T02:13:54Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYpWbt0Whc8snlbBsjNQg==
x-li-proto: http/2
access-control-allow-origin: https://www.infosecurity-magazine.com
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 02:13:53 GMT
vary: Origin

GET
H2

200

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3649151541154152509&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3649151541154152509&redir=

42 B
716 B

16ms
14ms

Image
image/gif

54.242.160.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3649151541154152509&redir=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Server

54.242.160.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-242-160-112.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-1-v068-01809d2ad.edge-va6.demdex.com 4 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: ahsrTFEdQnQ=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3649151541154152509&redir=
dcs: dcs-prod-va6-2-v068-06722f346.edge-va6.demdex.com 0 ms
pragma: no-cache
x-tid: RH1GJCvTSJE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 16 Dec 2024 02:13:54 GMT

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3649151541154152509
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0OTE1MTU0MTE1NDE1MjUwORAAGg0I4pn-ugYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=10469d07f9f1ab5d8765b54538d51befbfef10a0631a974b68410d9e686728e9f4cb09cee1a4f8eb&person_id=3649151541154152509&eid=50082

43 B
56 B

44ms
43ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=10469d07f9f1ab5d8765b54538d51befbfef10a0631a974b68410d9e686728e9f4cb09cee1a4f8eb&person_id=3649151541154152509&eid=50082
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
expires: Tue, 17 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/gif
server: Google Frontend

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://ml314.com/csync.ashx?fp=10469d07f9f1ab5d8765b54538d51befbfef10a0631a974b68410d9e686728e9f4cb09cee1a4f8eb&person_id=3649151541154152509&eid=50082
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Mon, 16 Dec 2024 02:13:54 GMT

GET
H3

200

utsync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ee098646-d73a-42a9-8a20-a53aeb923c2d&gdpr=0&gdpr_consent=

43 B
60 B

40ms
39ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ee098646-d73a-42a9-8a20-a53aeb923c2d&gdpr=0&gdpr_consent=
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
via: 1.1 google
expires: 0,Tue, 17 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/gif
server: Google Frontend

Redirect headers

location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=ee098646-d73a-42a9-8a20-a53aeb923c2d&gdpr=0&gdpr_consent=
content-length: 241
date: Mon, 16 Dec 2024 02:13:54 GMT
server: Kestrel

GET
H3

200

csync.ashx
ml314.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://ml314.com/csync.ashx%3Ffp=$UID%26person_id=3649151541154152509%26eid=2
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fml314.com%2Fcsync.ashx%253Ffp%3D%24UID%2526person_id%3D3649151541154152509%2526eid%3D2
https://ml314.com/csync.ashx?fp=1268237498779862649&person_id=3649151541154152509&eid=2

43 B
56 B

45ms
44ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=1268237498779862649&person_id=3649151541154152509&eid=2
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H3
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
expires: Tue, 17 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/gif
server: Google Frontend

Redirect headers

cache-control: no-store, no-cache, private
location: https://ml314.com/csync.ashx?fp=1268237498779862649&person_id=3649151541154152509&eid=2
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.134; 5.181.234.134; 1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: c2d58ae4-4831-4673-ad1f-242583fe8bee
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2cFs2LcsaaVZtmoKFDRQhItos_el55IzPtIIbK_0r6rI&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20

70 B
440 B

13ms
12ms

Image
image/gif

44.196.77.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: HTTP/1.1
Server: 44.196.77.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-77-126.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date: Mon, 16 Dec 2024 02:13:54 GMT
Content-Type: image/gif

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
pragma: no-cache
via: 1.1 google
expires: 0,Tue, 17 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
content-length: 43
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/gif
x-cloud-trace-context: cd69fd16bc8b0953ce2cfcc313eb4bd4
server: Google Frontend

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
99 KB 47ms
46ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-875375440

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c1099679bdedfa99f39494e16dc941eb940d20d0489e41fa385b987b0d47e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101684
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 9 KB
3 KB 26ms
25ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCenterRounded.json

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: axHCM7K/XWJYJsdaKqr9wQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141861A7CAE1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 39819
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: application/json
last-modified: Wed, 04 Dec 2024 04:01:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 26e935d1-301e-00c3-3e24-471ac9000000
cf-ray: 8f2b2824c9adde96-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2597
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 62 KB
15 KB 26ms
26ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otPcCenter.json

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf05b33db78a3d7912dac0ca71269dcd90f16451fbafa610f5399c8117597b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: 01XeOgI0x6emiMaXG0bOdQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD141861903EA3
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 40066
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: application/json
last-modified: Wed, 04 Dec 2024 04:01:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8faf2123-f01e-00f7-4024-47b561000000
cf-ray: 8f2b2824c9b3de96-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15013
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/ 24 KB
4 KB 27ms
26ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCommonStyles.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: A9jekd5UoO8SyzJ6LiStug==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 39819
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: text/css
last-modified: Wed, 04 Dec 2024 04:02:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6fa1085b-801e-001d-3f24-474a60000000
cf-ray: 8f2b2824c9b8de96-EWR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 44ms
17ms Image
text/plain 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&rl=&if=false&ts=1734315234043&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734315234040.7585934468850057&cs_est=true&ler=empty&cdl=API_unavailable&it=1734315233815&coo=false&rqm=GET

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4552, tp=10, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 138ms
111ms Image
image/png 2a03:2880:f10e:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&rl=&if=false&ts=1734315234043&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734315234040.7585934468850057&cs_est=true&ler=empty&cdl=API_unavailable&it=1734315233815&coo=false&rqm=FGET

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7448827212192581986"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: guNfONkXCiGOLA/0d/bO2SgZccUiDNWOZAUmgnxHnqLKp3M2M2jy0kwEPmEhxgdAlEv9ppU4WbdsOBJd+fIDgA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7448827212192581986", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4920, tp=13, tpl=0, uplat=92, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
8ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1727725703&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&ul=en-us&de=UTF-8&dt=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Bombora&ea=Profile%20Load&_u=aEDAAAABAAAAACAAI~&jid=&gjid=&cid=335296838.1734315234&tid=UA-7632735-1&_gid=921443898.1734315234&gtm=45He4cc1n81MJ69SWFv78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=432792213

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 17061
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 15 Dec 2024 21:29:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3

200

/
www.google.com/pagead/1p-conversion/875375440/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13...
https://www.google.com/pagead/1p-conversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_...

42 B
64 B

28ms
28ms

Image
image/gif

2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIrJbH25urigMVFCGICR0orQIfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQlhDaEVJZ0puNnVnWVFzSi03cWFmSTB0Q0pBUkl0QVBKdkt5NnNNaFFuU2w4Q2drdzVaV0lPVENZS3NuOFZQN2xzTTNBZlVONjc5U3dOQ1I2LTFFbW9CSHNh&is_vtc=1&cid=CAQSKQCa7L7d6KRZYjEy5QASwDdtviCw4TUITGWfNh1CGl4mzZeGyt-p7Ybz&eitems=ChEIgJn6ugYQxZDivP-Z15G-ARIdADhtPI5tVCty9CPPs_P6Xn5ODEp8xUy-TfY8qGo&random=404052772

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-conversion/875375440/?random=556005210&cv=11&fst=1734315233849&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkondHJpZ2dlcj1uYXZpZ2F0aW9uLXNvdXJjZSwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIrJbH25urigMVFCGICR0orQIfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQlhDaEVJZ0puNnVnWVFzSi03cWFmSTB0Q0pBUkl0QVBKdkt5NnNNaFFuU2w4Q2drdzVaV0lPVENZS3NuOFZQN2xzTTNBZlVONjc5U3dOQ1I2LTFFbW9CSHNh&is_vtc=1&cid=CAQSKQCa7L7d6KRZYjEy5QASwDdtviCw4TUITGWfNh1CGl4mzZeGyt-p7Ybz&eitems=ChEIgJn6ugYQxZDivP-Z15G-ARIdADhtPI5tVCty9CPPs_P6Xn5ODEp8xUy-TfY8qGo&random=404052772
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
979 B 53ms
35ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=5460932&time=1734315234053&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer

Response headers

content-encoding: gzip
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
access-control-allow-methods: GET, OPTIONS
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/json
access-control-allow-headers: *
x-li-pop: afd-prod-lva1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-fs-uuid: 00062959bb74a989cfc1298bcd130657
x-msedge-ref: Ref A: B2E3565E552A48C7BB9B4845882A09C6 Ref B: EWR30EDGE1610 Ref C: 2024-12-16T02:13:54Z
x-restli-protocol-version: 1.0.0
x-li-uuid: AAYpWbt0qYnPwSmLzRMGVw==
access-control-allow-origin: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microso...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microso...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1734315234053%26li_adsId%3Dd0490701-5e4f-41b1-9d22-616c689e788f%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microso...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-micros...

0
487 B

74ms
54ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQImwQ4h9nFcMwAAAZPNPlOgIo8gWagOqNiNps762fzV7p0nbgB7MLKmPRO4UiL0eLMo9tS4Cac37tsRCuacQgnOiKNuLg0
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3DF5818B11B442F987CBA70DA022FED9 Ref B: EWR30EDGE0120 Ref C: 2024-12-16T02:13:54Z
x-li-fabric: prod-lva1
x-li-uuid: AAYpWbt3OIcCgE0x41kcwg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734315234053&li_adsId=d0490701-5e4f-41b1-9d22-616c689e788f&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQImwQ4h9nFcMwAAAZPNPlOgIo8gWagOqNiNps762fzV7p0nbgB7MLKmPRO4UiL0eLMo9tS4Cac37tsRCuacQgnOiKNuLg0
x-msedge-ref: Ref A: 62EF0034D49A42069F9421B4B0F1AA37 Ref B: EWR30EDGE1015 Ref C: 2024-12-16T02:13:54Z
x-li-fabric: prod-lva1
x-li-uuid: AAYpWbt2jzVIZtPRQ+DvIQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 16 Dec 2024 02:13:53 GMT

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 7ms
6ms Other
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 24391
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 19:27:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 15 Dec 2024 19:27:23 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/ 5 KB
2 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=1734315234168&cv=11&fst=1734315234168&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6f3efab781d27418012c483acc26f5a2aed5a40e061a8db5f035a63dd016263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2308
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 875375440
td.doubleclick.net/td/rul/ Frame 4B60 0
0 28ms
27ms Document
text/html 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/875375440?random=1734315234168&cv=11&fst=1734315234168&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 02:13:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/875375440/ 42 B
64 B 27ms
27ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875375440/?random=1734315234168&cv=11&fst=1734314400000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&hn=www.googleadservices.com&frm=0&tiba=2024%20Sees%20Sharp%20Increase%20in%20Microsoft%20Tool%20Exploits%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=1087689695.1734315233&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dz5-zvvkP0HP1lT8ZjlZiFtH3gMyntS8QVvr9ZRL_yIlvHAwT&random=390388452&rmt_tld=0&ipr=y

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
17 KB 16ms
5ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "63e2df852d15ab21d7ff8fc4363222e8"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 17587
date: Mon, 16 Dec 2024 02:13:54 GMT
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
content-type: application/javascript
x-served-by: cache-lga21950-LGA
x-cache-hits: 22731
vary: Accept-Encoding

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 43ms
29ms XHR
application/json 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e376924a8a713c360606d19834cb87f0e76511a58d78a32955564db2c4463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13227
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 RX_Logo_-_primary_logo_for_everyday_use.png
cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/ 51 KB
51 KB 36ms
33ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/RX_Logo_-_primary_logo_for_everyday_use.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: yxwPB4FKahj/CgrZY2+Gbg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D9559A5FD49D88
age: 71738
cf-cache-status: HIT
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/png
last-modified: Mon, 02 Aug 2021 09:46:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: dc34fa49-701e-0065-22dd-3322d7000000
cf-ray: 8f2b28267a967271-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52319
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 20ms
18ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 61138
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: image/svg+xml
last-modified: Sat, 14 Dec 2024 03:35:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 769832aa-201e-0093-5824-4e05c1000000
cf-ray: 8f2b28267a987271-EWR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200 NRJS-70b3f9b2c6f17cc4471 Show response
bam.eu01.nr-data.net/1/ 87 B
634 B 227ms
183ms Script
text/javascript 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=241052313&v=1216.487a282&to=MhBSZQoZXxEDUkdRWQtacWIoV0UHD0FfWUIABh9GHRpBAwVUHVlFFQ0%3D&rst=1429&ck=1&ref=https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/&ap=13&be=249&fe=1398&dc=400&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1734315232894,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:17,%22c%22:17,%22s%22:20,%22ce%22:129,%22rq%22:130,%22rp%22:218,%22rpe%22:223,%22dl%22:225,%22di%22:400,%22ds%22:400,%22de%22:400,%22dc%22:1398,%22l%22:1398,%22le%22:1421%7D,%22navigation%22:%7B%7D%7D&fp=521&fcp=521&jsonp=NREUM.setToken
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 3760d63ed8e68860d86d057801a3da30fd547fdeea6659d7a5e90a5bebaa9257

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Date
timing-allow-origin: *
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: *
Content-Length: 87
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: text/javascript
x-served-by: cache-lga21985-LGA
server: istio-envoy

GET
H2 200 favicon.ico
www.infosecurity-magazine.com/ 15 KB
17 KB 7ms
7ms Other
image/x-icon 3.168.102.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.168.102.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-168-102-22.jfk52.r.cloudfront.net

Software

RX /

Resource Hash

298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Response headers

etag: "c9436846ac6d91:0"
age: 63143
x-content-type-options: nosniff
access-control-allow-methods: *
x-cache: Hit from cloudfront
x-ua-compatible: IE=Edge
x-amz-cf-id: PIggWG2Wbz44BkCu4mR2C71gtIT3q3lEpbN6C7sBJ0JoCFGMt5GuIg==
date: Sun, 15 Dec 2024 08:41:31 GMT
content-type: image/x-icon
feature-policy: accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified: Thu, 03 Aug 2023 12:59:01 GMT
access-control-allow-headers: Content-Type
x-frame-options: SAMEORIGIN
content-security-policy: default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy: same-origin
via: 1.1 347bcc361d70e358fe09ee2d36913dd6.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
content-length: 15406
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK52-P6
server: RX

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 46ms
20ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 02:13:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 04C5 0
0 16ms
2ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 01:36:12 GMT
expires: Mon, 16 Dec 2024 02:26:12 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame F9CE 0
0 37ms
27ms Document
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OjrfntCXv3I4cCP8dZtbiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OjrfntCXv3I4cCP8dZtbiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Dec 2024 02:13:54 GMT
expires: Mon, 16 Dec 2024 02:13:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200 NRJS-70b3f9b2c6f17cc4471 Show response
bam.eu01.nr-data.net/resources/1/ 36 B
362 B 199ms
197ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/resources/1/NRJS-70b3f9b2c6f17cc4471?a=241052313&v=1216.487a282&to=MhBSZQoZXxEDUkdRWQtacWIoV0UHD0FfWUIABh9GHRpBAwVUHVlFFQ0%3D&rst=1660&ck=1&ref=https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/&st=1734315232894
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 14e981d81f44c2c2eb3f1896cc00c91b01d011c442e8efa04b60b13d0235c727

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://www.infosecurity-magazine.com
Content-Length: 36
date: Mon, 16 Dec 2024 02:13:54 GMT
content-type: text/plain
x-served-by: cache-lga21985-LGA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E55E 42 B
65 B 67ms
67ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss57hgscQG7viN6a_N92f9XNuHF_BNUvZdZUSYiO4OCHvmKO78kVig7v5L6ZyXxRV4VOEq7O-B9oO6PBDzQxwXvAiqx67HVEA-RpZxq8CXSmDh-1tKk27cpHUjAXqP1oxZZ7C39zp3DWH1tQVd3NHrz4vppUQA1bmdMN2DjVohfkpxS9IfuMBNxNb061e2Bmxl_7Q&sig=Cg0ArKJSzDaWhElvdhy6EAE&id=lidar2&mcvt=1001&p=8,436,98,1164&tm=1007.2999992370605&tu=6.69999885559082&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=495710379&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3024803300&rst=1734315233554&rpt=171&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1A6 42 B
65 B 68ms
68ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCM6B3T2mtDq-fvDIgNgLeNO-S5Oz-DSX9z_2yzmLza_bLVMGL-PXToiIdfcQ2pnR-lx1JQzStWtvoqwDY2hy-l0_p5bnVr_jAenEUdC-fOpqYOQMDtq8WYLQxmJnGZ7h8kET_gMqtaIgU5nzT9nj8QeD0ZPnIkUPTcflwgf6ZG2kmUAPF3RXlpynsHtKmJV-3AA&sig=Cg0ArKJSzM404i_EsBLOEAE&id=lidar2&mcvt=1003&p=1102,436,1192,1164&tm=1033.1000003814697&tu=29.799999237060547&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=266191940&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3024803300&rst=1734315233601&rpt=101&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 426A 42 B
65 B 67ms
67ms Fetch
image/gif 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukbeE5WmoDhuO42s4aDoQfENTeczR4G3ddz-c2rJrdsrmh9CCc7-X49sfvel6GozDelr59uf8cci5pNnIijRQ8O3fWr7ccqpB7YnCCgPzBjfnb30FiEoHWHlRA79VUOs490rueaeLycxFM6kqgZ6HjN7CADX4GWuN-XHzbiIF9_RjtqhBubbxyCcmWLMOLlqaF5Q&sig=Cg0ArKJSzKyneR2UqUn4EAE&id=lidar2&mcvt=1000&p=809,1046,1059,1346&tm=1135.2999992370605&tu=135&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3125356031&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3024803300&rst=1734315233513&rpt=238&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 16 Dec 2024 02:13:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1878746388259180&bg=!YmGlYS7NAAbtGp3CzRo7ADQBe5WfOO5nH3GNT_KADWR61Jlq2hDNWKI5n8tyNXwRiOQgtvZuYZZV53NDHZWEtgjgLAVrAgAAAD9SAAAAA2gBB34ANlynybcrrLhJKRcSjJ--TxggYeZvhJ8M1PItlGREEUPxZOEM7cQ4wb1EwMwhy2JffdFiuZydVwoAgzeb6vQ8uhj-oLQoDaA7BVEN-UXBdrsQzV2-6VCgVNqDTl9W1HcdwFW7SYFXqiu5a1NrAoH6jA_dMlVcEoIKV6hI_vm7QbcWxEZDJEupuJhitqpDfmkzIOgYB7ai57650NP32-B8lG-mvzSAeq-Z7DzB_fwSO4dKHaI5oRm6VuIsLF78mQKwtWn-auJp8qPB5pw6XpF_nEOfII52ZfLkVDg17XDqwv8wuc5c6ZEtC3RsgNG6CsZq5fPCsMCo-SEeSTomBkwkscquV1Ni1yJ7XxXZPH1ZZB23T-5qG_WftpSFLaYypnEBRKwOgRGjnlmFKJuW0m2xecY95B_9tUFaEJdbD2_haKmm0SEZkREns1e0KUzvVOJd1xWMeDf-3Yrk4XGvUeOhldJ0m-z8JQV_pNq7zsUyjDD0el_Uq5tAh4xIZtTuRtPbjCJ2UR-Pjf8IxaM0LFK05kMuckg-Eaa_ouSfdUfbw7J5DMpsW3iGCBQwUMBSxebil2LP_52phXOzwOd3IwfMwyRmUzdOvRvGY7cG8dY8zQMDleI2s2rv1CO8sefIcqDtSmKS-UZr3VGhVXf-zHuxAWarThyXN0wTM1f_jOAvloUZ9QTxwHyU66lnLuH5M6DYNc80vBnHUQ9KxcABAyofJDPsn8at9nKiPtKHwn-YsqM2LxJ_Yt67Skqgg3LbcxiS7OK2FJ27XYe_t5RC3v9BTSU1zVnlyD4uqMFzHaeIvWfgifzlmg0Co0KDUxu5rT4d_0hpEj9gHAG5IKSLI3fRJJsbTPLE07UGxPM3TZIzoZUvv86Uvh0r6IcjkvGu8tuXjLMs38iUsWn16eUBn_cMkQ3S6y3CqZYUnOS0KA9A939EZUxmDLJCwTNJOXGL9uhqoy7snOHBz13VAGmmHBK22JGRAJb4hOFQm-1xrhxBVwAc3sHpL_73lMonZC8ET1DsgScyBwHp4v4c-xF0AiVDlDjiKKA9Ig2BOlbrMdGSXUEMcERlnvIRV26IiZrpflcVs8CNUjgBEfIjEdtakrhDK0S9Fkn-K0mpmXgUmhbUj6zAQi61ConHwuyTU7VGP81Mc3ouKk1SETMiPm0_ykrFJg

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.infosecurity-magazine.com/news/increase-microsoft-tool-exploits	1969-12-31 23:59:59	Name: ISM.ScreenSize Value: 1600
.infosecurity-magazine.com/	1970-01-21 03:54:51	Name: _gcl_au Value: 1.1.1087689695.1734315233
.infosecurity-magazine.com/	1970-01-21 11:06:51	Name: __gads Value: ID=22a549604c8e9fbd:T=1734315233:RT=1734315233:S=ALNI_Mbmni6cXisooTwq6hZdtrlYE-1buw
.infosecurity-magazine.com/	1970-01-21 11:06:51	Name: __gpi Value: UID=00000fb630910c29:T=1734315233:RT=1734315233:S=ALNI_MZCVB46zNbOtib3ijv-a0N5wsLPKg
.infosecurity-magazine.com/	1970-01-21 06:04:27	Name: __eoi Value: ID=5b0d8453b41f7b4b:T=1734315233:RT=1734315233:S=AA-AfjbBVG-W3fn9KWgHTkVFmakD
.doubleclick.net/	1970-01-21 11:21:15	Name: IDE Value: AHWqTUnzqDxSEYMo0DbRZ9SYjR8CjpmzD6EXSD7undQ0I6cI6Z5YVcT4AGQ1Is2HyDE
.infosecurity-magazine.com/	1970-01-21 01:46:41	Name: _gid Value: GA1.2.921443898.1734315234
.infosecurity-magazine.com/	1970-01-21 01:45:15	Name: _gat_UA-7632735-1 Value: 1
.ml314.com/	1970-01-21 01:45:15	Name: u Value: aHR0cHM6Ly93d3cuaW5mb3NlY3VyaXR5LW1hZ2F6aW5lLmNvbS9uZXdzL2luY3JlYXNlLW1pY3Jvc29mdC10b29sLWV4cGxvaXRzLw%3D%3D
.ml314.com/	1970-01-21 10:30:51	Name: pi Value: 3649151541154152509
.ml314.com/	1970-01-21 02:05:24	Name: tp Value: 4%253B12%252F16%252F2024%2B02%253A13%253A53
.twitter.com/	1970-01-21 11:21:15	Name: personalization_id Value: "v1_P2ptzlIt5AT3xD7/i5R+2Q=="
.infosecurity-magazine.com/	1970-01-21 11:21:15	Name: _ga_8VSXE5KKGM Value: GS1.1.1734315233.1.0.1734315233.60.0.0
.t.co/	1970-01-21 11:21:15	Name: muc_ads Value: 91df7d8b-a1a3-4003-9519-9a98fd6ab1c5
.t.co/	1970-01-21 01:45:17	Name: __cf_bm Value: V1GeRu_OrxIbdUl_5mIDX2oUrwIWQC3k.t8hWl.g970-1734315233-1.0.1.1-dFlhwFJuUIFziE2HYJaaMOP.rpZi1mxB.SRH8yVnY_UQgFMzHS2n.bWs37nuCkTn6qj8Y1P7mA_MofuWiQixIg
.adnxs.com/	1970-01-21 03:54:51	Name: XANDR_PANID Value: GdRRg3MCy1ZJ3fkS_HQ4oxJ0Gh8AMmfXPOOMpmZU4ad91Y7ftKMuxPH7MfiZj2f_IKgkq1WRLvOl-C9ZDErdB92Eo2StMO6ayU7Fgu2R8IQ.
.adnxs.com/	1970-01-21 11:21:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:54:51	Name: uuid2 Value: 1268237498779862649
.infosecurity-magazine.com/	1970-01-21 03:54:51	Name: _fbp Value: fb.1.1734315234040.7585934468850057
.infosecurity-magazine.com/	1970-01-21 11:21:15	Name: _ga Value: GA1.2.335296838.1734315234
.adsrvr.org/	1970-01-21 10:30:51	Name: TDID Value: ee098646-d73a-42a9-8a20-a53aeb923c2d
.eyeota.net/	1970-01-21 10:30:51	Name: mako_uid Value: 193cd3e530f-64a80000010a5bf9
.eyeota.net/	1970-01-21 01:45:15	Name: SERVERID Value: 23545~DM
.adsrvr.org/	1970-01-21 10:30:51	Name: TDCPM Value: CAESFgoHZDB0cm8xahILCKDT6aiq4M49EAUYBSABKAIyCwiS8tTVwODOPRAFOAE.
.demdex.net/	1970-01-21 06:04:27	Name: demdex Value: 27624304627636178794379701569282239456
.linkedin.com/	1970-01-21 03:54:51	Name: li_sugr Value: 771db7bc-a73a-4552-9540-2ac319de8920
.linkedin.com/	1970-01-21 01:46:41	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3416:u=1:x=1:i=1734315234:t=1734401634:v=2:sig=AQHaiPyyT9ySu6Wm8fdLu3qC4_5buBQv"
.dpm.demdex.net/	1970-01-21 06:04:27	Name: dpm Value: 27624304627636178794379701569282239456
.rlcdn.com/	1970-01-21 10:30:51	Name: rlas3 Value: GzwnM+UjuUeiSv0DlFjzSPN7j765r4qEfu2ShrJf6vE=
.rlcdn.com/	1970-01-21 03:11:39	Name: pxrc Value: COKZ/roGEgUI6AcQABIFCNtOEAA=
.linkedin.com/	1970-01-21 02:28:27	Name: UserMatchHistory Value: AQIMsjL7D23GGgAAAZPNPlMv9aStLhXUyPS7CZYCSwiBnW9xb84F60uKzcAqwqU9enSCmJmKytpgeQ
.linkedin.com/	1970-01-21 02:28:27	Name: AnalyticsSyncHistory Value: AQLT9kIpb9F2jgAAAZPNPlMvjfcgqk8rpxF9qgGrvOL6KlCY_FEHGzrBlmPrAd9qAbp8hcClktTJZB3mP9qgfg
.linkedin.com/	1970-01-21 10:30:51	Name: bcookie Value: "v=2&fec595bd-1f6a-4644-8ca6-4011b3633201"
.www.linkedin.com/	1970-01-21 10:30:51	Name: bscookie Value: "v=1&20241216021354c074a2fb-3393-4239-8c6e-05d0e38eac72AQG_VEbBVI3YzsNs98wETa6dLo9hylB1"
.infosecurity-magazine.com/	1970-01-21 10:30:51	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Dec+15+2024+16%3A13%3A54+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202411.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=911229d4-a953-471a-8d20-a48c97063da6&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fincrease-microsoft-tool-exploits%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 71156116ab6553c

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'encrypted-media:'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, fullscreen, geolocation, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

266b2e2a281cc6f6500fb5a888b62066.safeframe.googlesyndication.com
analytics.google.com
analytics.twitter.com
assets.infosecurity-magazine.com
bam.eu01.nr-data.net
cdn.cookielaw.org
cdn.jsdelivr.net
connect.facebook.net
dpm.demdex.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
js-agent.newrelic.com
match.adsrvr.org
ml314.com
p.typekit.net
pagead2.googlesyndication.com
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.infosecurity-magazine.com
www.linkedin.com
ep1.adtrafficquality.google
104.244.42.131
13.107.42.14
142.250.80.98
146.75.36.157
172.66.0.227
185.221.87.23
2001:4860:4802:36::181
2600:141b:1c00:6::17df:d105
2600:141b:1c00:8::1728:b335
2600:141b:1c00:8::1728:b337
2602:816:5001::39
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2607:f8b0:4004:c21::9d
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2004
2607:f8b0:4006:824::2001
2620:1ec:21::14
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
2a04:4e42:400::485
3.168.102.22
34.117.77.79
35.244.154.8
35.71.131.137
44.196.77.126
54.147.65.197
54.242.160.112
68.67.181.248
01363ea36a461108817250e3608c09dffd0058064fbc26a27d446d6a32ad2142
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
096a248d914f3da68f3230ed3ae0bbb5406a167a8df720573fdea094a97ac1f5
0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7
14e981d81f44c2c2eb3f1896cc00c91b01d011c442e8efa04b60b13d0235c727
18112857f1e349075b55369c6789129b8e7e9ba4be9e6e6d67fa36ebe89351b9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c63e8c3d9cd69f3e1a48d5c08c6707364e426dd79730b2301c3997872c14c97
1ceb249f42db7f411265a9c11e2ce10d063e2f3a6121505a19e3dd34cd3c55a7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6
280e9bdb030f093750d0780f9729e06b42bb75526185f3f11f402d9f390e7eef
298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf
2f66cf25254aed9cc93405fb52c07e6750328dcc77551074c82679bf26ec07cd
3760d63ed8e68860d86d057801a3da30fd547fdeea6659d7a5e90a5bebaa9257
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
407e376924a8a713c360606d19834cb87f0e76511a58d78a32955564db2c4463
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452e848011addd295fb703e4160153e3d1b126765b6ec39529d4265b7370296d
46641a3cd4c211689f3110382ceb957dee3e6bddcd1984191eea9b7905381975
4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba
4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652
4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5a78a609f147a476981e2e83ff8e32cfb67c76636fa210756e22ac8f4eaf116b
5c1099679bdedfa99f39494e16dc941eb940d20d0489e41fa385b987b0d47e11
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
6f789e6c6729794e2a53822e32fb5eda0da82e5e6b8189919dbab32df09fb554
778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682
7db00738fa7c8cb87b3943e427f1cbf5daed460881a3634070dc53c69dd37b9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da
88e7cd943a41e8e3e5a4d4bc899054269088171ffb14c6008dc8c32fe6776310
9224efa39d020489a1c49dbe4e7afcf965f85e289d854ef0de008104dcd52b03
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
9cc1da126da93f4118899507e51e185b3f58c70557991f1a5015dd3143927a73
a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662
a6ed867e253e82c175bf97ee695d335978bf2635bbd6b264fca42d8eac2d3dcd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b570a72b43aa0855fd437935fa38042bf4f6e985483e2e26211783bac0531626
b5cb4e798c6fb342c8465e8788e1b32fb84f2b1fd3d09a6e13ff390a49e915ff
bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82
c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927
cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a
cf05b33db78a3d7912dac0ca71269dcd90f16451fbafa610f5399c8117597b07
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d41d86d112c46e55250f324d33d2d4401c540d9ac8087befc156e931a777f5ef
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e6f3efab781d27418012c483acc26f5a2aed5a40e061a8db5f035a63dd016263
e954ef100514b913e55662c2a5a3737b3129822937e47908ad6effc9d3327aa4
ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0
ee5433b01168a70ea302bd586815440586d5addb86e7676c2cb06dd5731b17fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffa7a6f088ca5c5d0e99657677401d80754cced582b0e82681f8f4caf74d8a07

www.infosecurity-magazine.com Open in urlscan Pro 3.168.102.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

93 %HTTPS

61 %IPv6

27 Domains

39 Subdomains

34 IPs

3 Countries

1686 kBTransfer

4915 kBSize

36 Cookies

11 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infosecurity-magazine.com Open in urlscan Pro
3.168.102.22 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

93 %
HTTPS

61 %
IPv6

27
Domains

39
Subdomains

34
IPs

3
Countries

1686 kB
Transfer

4915 kB
Size

36
Cookies

109 HTTP transactions
3 data transactions