www.scmagazine.com Open in urlscan Pro
2606:4700:20::ac43:44ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cra.omeclk.com/portal/wts/ugmcnr-d4Baqog2h3c%5EcerFAkqEgpsFEfdto9na
Effective URL:
https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_m...
Submission: On March 25 via manual (March 25th 2021, 6:25:16 pm UTC) from US

Summary HTTP 125 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 23 domains to perform 125 HTTP transactions. The main IP is 2606:4700:20::ac43:44ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.scmagazine.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time www.scmagazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.162.42.171 205.162.42.171	53866 (QTS-AS) (QTS-AS)
4 31	2606:4700:20:... 2606:4700:20::ac43:44ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	204.180.130.159 204.180.130.159	53866 (QTS-AS) (QTS-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	52.217.50.30 52.217.50.30	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 14	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:18c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2606:4700:e4:... 2606:4700:e4::ac40:a417	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.159.66 13.226.159.66	16509 (AMAZON-02) (AMAZON-02)
2	52.18.215.87 52.18.215.87	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1	3.214.0.136 3.214.0.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	3.229.100.58 3.229.100.58	14618 (AMAZON-AES) (AMAZON-AES)
4	204.180.130.165 204.180.130.165	53866 (QTS-AS) (QTS-AS)
1	52.10.46.90 52.10.46.90	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.208.188.183 52.208.188.183	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
125	33

1 205.162.42.171 (United States) 1 redirects

ASN53866 (QTS-AS, US)
PTR: omeclk.com

cra.omeclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:20::ac43:44ea (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.scmagazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 204.180.130.159 (United States)

ASN53866 (QTS-AS, US)
PTR: my.omedastaging.com

olytics.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.50.30 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.146.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:18c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:a417 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-52-10-46-90.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-66.dus51.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.215.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-215-87.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.0.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-0-136.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.229.100.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-100-58.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.180.130.165 (United States)

ASN53866 (QTS-AS, US)

oqs.omeda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.46.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-46-90.us-west-2.compute.amazonaws.com

v4-api-52-10-46-90.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.188.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-188-183.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	scmagazine.com 4 redirects www.scmagazine.com	448 KB
20	googlesyndication.com 15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	379 KB
16	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	140 KB
12	omeda.com olytics.omeda.com oqs.omeda.com	78 KB
7	google.com adservice.google.com www.google.com	729 B
6	b2c.com 1 redirects api.b2c.com api-52-10-46-90.b2c.com v4-api-52-10-46-90.b2c.com	7 KB
6	googletagservices.com www.googletagservices.com	154 KB
5	google.de adservice.google.de www.google.de	729 B
5	google-analytics.com www.google-analytics.com	53 KB
4	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	40 KB
3	adnxs.com 2 redirects ib.adnxs.com	4 KB
3	ml314.com ml314.com in.ml314.com	14 KB
3	gstatic.com fonts.gstatic.com	69 KB
3	amazonaws.com s3.amazonaws.com	2 MB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	googleapis.com fonts.googleapis.com	991 B
1	rlcdn.com idsync.rlcdn.com	42 B
1	linkedin.com px.ads.linkedin.com	404 B
1	licdn.com snap.licdn.com	2 KB
1	crazyegg.com script.crazyegg.com
1	lytics.io c.lytics.io	456 B
1	googletagmanager.com www.googletagmanager.com	52 KB
1	omeclk.com 1 redirects cra.omeclk.com	478 B
125	23

	Domain	Requested by
31	www.scmagazine.com	4 redirects www.scmagazine.com
14	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.scmagazine.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.scmagazine.com tpc.googlesyndication.com
8	olytics.omeda.com	www.scmagazine.com olytics.omeda.com
6	pagead2.googlesyndication.com	olytics.omeda.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	www.scmagazine.com securepubads.g.doubleclick.net olytics.omeda.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	oqs.omeda.com	olytics.omeda.com
4	api-52-10-46-90.b2c.com	1 redirects www.scmagazine.com api-52-10-46-90.b2c.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	a.dpmsrv.com	www.scmagazine.com s.dpmsrv.com
3	ib.adnxs.com	2 redirects
3	www.google.com	www.scmagazine.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	s3.amazonaws.com	www.scmagazine.com
2	ml314.com	www.scmagazine.com ml314.com
2	fonts.googleapis.com	www.scmagazine.com
1	insight.adsrvr.org	js.adsrvr.org
1	idsync.rlcdn.com	www.scmagazine.com
1	cm.g.doubleclick.net	1 redirects
1	v4-api-52-10-46-90.b2c.com	www.scmagazine.com
1	www.google.de	www.scmagazine.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	in.ml314.com	ml314.com
1	px.ads.linkedin.com	www.scmagazine.com
1	15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s.dpmsrv.com	www.scmagazine.com
1	api.b2c.com	www.googletagmanager.com
1	snap.licdn.com	www.scmagazine.com
1	js.adsrvr.org	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	c.lytics.io	www.scmagazine.com
1	www.googletagmanager.com	www.scmagazine.com
1	cra.omeclk.com	1 redirects
125	35

This site contains links to these domains. Also see Links.

Domain
www.parsintl.com
infosecworldusa.com
www.risksecconference.com
www.scmagazineuk.com
www.facebook.com
twitter.com
www.linkedin.com
reddit.com
threatpost.com
www.youtube.com
cyberrisk.dragonforms.com
events.cyberriskalliance.com
scawards.secure-platform.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.omeda.com SSL.com RSA SSL subCA	`2020-07-31` - `2021-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.dpmsrv.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.b2c.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Frame ID: 73AEEEAACD0B89FF431FF63CC45AB948
Requests: 95 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6D86BFD06F59AC579FAF64A79F14AE78
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&upid=e4qkh98&upv=1.1.0
Frame ID: 140A1011B5812BAD5D09361F91EEA7A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 86B230866D5E17C262775D99F2E704A6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvokQovfKCmiBJWBPctSFNKE3M4367LLlXycGbV5oSodF4w_afiJaJjYsENOKwgfTb-R0PQGNQp0SHAuKM5Irvlw1MxnlraQir7jBneenEWDBm7mEy1DnjEFjzzyufakCTDLQZUBjvDbNlnHepfQG8OOe5GVIM98zSELneRmWXxeKPxb1GR4M8jG-iMK-nzjtn7TxdF15N2q090SEwwp8iaV5aRRwj1sqQ0InFQI7SwJVvNr3Pgz2YKST2mXFBs2t7nNX5KhaOUc1P2lrX5K_y8hcyOvI18IKkhluu96LU2o5yk&sig=Cg0ArKJSzFcSF_KiTRlfEAE&adurl=
Frame ID: F4122FE2C578DF12F49DA27C094E6492
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcOt843pCAmeREj8BF4upoGKJ5LiB3Be204D2nTTXTRl4pxYoRfKnQT7-9OhNmtqBG2vbVXyT7ykNYOIzkHibo6GT6bV5ao6wXrHn-teHP8uo9gn783YZm1tWUy9_qUoop4M8Fuq5bFePpj0bFG5AY9ZRDqt0gKH34W2BKYgxFJKKJC_DkV6OvSqNH3ZMZcuOaCXdm96KhJBYUjfhulvBZVdEb05ncXXM_miDzaKX7wWaF1BUk-f9e5w-qy0J96FeMcqjGPg9xJyiqyGjId9nwOOimnTdRux7mKJVz0yU&sig=Cg0ArKJSzLtyTGS0XNySEAE&adurl=
Frame ID: B0B1D792995B15E1D512C8FAA12614DE
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHHoqYNmsIlc0YA70cje_ODOPMgmeVq5E6J6VM0UDEzwJJuPFg-cIVzGiIlEzoxXPlsfUN36zsGkYgOs_KKbZf0tKrstVEo-DVbQPWQ5j8h2cMz1r8i338E857rIITfbBfIujg9WOHfd-VWcg2d2ryuQeiKNxW7jc4rwKfcTf2VD-ZKewq9mB6-wI4DkUuDJx91NA4oQCbdXsOCQrg-sC499_KtS3wqshuXZ6LkR1KYjTMixa9ULN7tVSPjFdpGoKVXSGgJc53cIIZ8movbVQnP6wqHZHYL6YNXhNWHXM&sig=Cg0ArKJSzAaEKQKH0tM4EAE&adurl=
Frame ID: D01B525CAEA850DA9A6050B52BF11F66
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cra.omeclk.com/portal/wts/ugmcnr-d4Baqog2h3c%5EcerFAkqEgpsFEfdto9na HTTP 302
https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_sou... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

125
Requests

100 %
HTTPS

56 %
IPv6

23
Domains

35
Subdomains

33
IPs

5
Countries

3092 kB
Transfer

4970 kB
Size

11
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.parsintl.com/publication/sc/
Title: Licensing & Product Reviews

Search URL Search Domain Scan URL

URL: http://infosecworldusa.com/
Title: InfoSec World

Search URL Search Domain Scan URL

URL: https://www.risksecconference.com/
Title: RiskSec

Search URL Search Domain Scan URL

URL: https://www.scmagazineuk.com/
Title: SC UK

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/&text=Bogus%20Android%20Clubhouse%20app%20drops%20credential-swiping%20malware
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/&title=Bogus%20Android%20Clubhouse%20app%20drops%20credential-swiping%20malware
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://threatpost.com/android-clubhouse-app-malware/164915/
Title: Threatpost

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SCMag/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/scmagazine
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/scmediaus/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SCMagazineUS
Title:

Search URL Search Domain Scan URL

URL: https://cyberrisk.dragonforms.com/loading.do?omedasite=SCM_newsletter
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://events.cyberriskalliance.com/risksec-2020
Title: RiskSec Conference

Search URL Search Domain Scan URL

URL: https://scawards.secure-platform.com/a/organizations/main/home
Title: SC Awards

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssGz8pwpxbz34iOGadPBKzVrwVJTXdZjlVRI0CGWfOnbHCfKuBxhLEtMtKBUGUWFdmPHRQRynkjzBgXe9MBjUKbTZl3ArouG59MzcJbKPvTCA2vfmdfr22lg2QkfI8uy8y7fDo6PD-bKjumex9iHgIDCfri1s21aG6teqenSztyZ1-KsxaJlXGoxQVVeaX722M5rcOX43KrRzT5u7qVlIzpLsEpphyjB2HeEyUsXyK0UDMNyvkNzFGX4wdUUZbv9rc9GsascSHcLXpHrmXW-at4bZb16tenq73SugTf8j7xIEw&sai=AMfl-YRNzBrX6NbwtxCKlZ9eXdSJgJ0DVanGF6l5gqdniHfaoSWyX_x-s4IFc1sTORrMnzGYxGbmUUjXE9xEhz_LxjpNGwCR4A2DIFht-aOkdaFADX2mWjzUlNw2NRoU1S4H&sig=Cg0ArKJSzAtIYaI2nWtLEAE&urlfix=1&adurl=https://securityweekly.com/category-shows/the-ciso-stories-podcast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cra.omeclk.com/portal/wts/ugmcnr-d4Baqog2h3c%5EcerFAkqEgpsFEfdto9na HTTP 302
https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category.jpg HTTP 301
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category.jpg

Request Chain 18

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category_NEW3.png HTTP 301
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW3.png

Request Chain 19

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/11/WIS_Category_CyberVeterans.png HTTP 301
https://www.scmagazine.com/wp-content/uploads/2020/11/WIS_Category_CyberVeterans.png

Request Chain 20

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category_NEW4.png HTTP 301
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW4.png

Request Chain 62

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOHw8TxuICZKcA9fmPg9Vhxphua0iXrOLB7n-EJF4pNTxNKAt7eca5oIeTvKZ0DKK8qfR6AhOuHBUtETYxcl_gXv481RiUonQZHvH3ggren9NLeIP87zT9cvjGnI5srsxJC6tU7u5kmxrDnabTr6sRcCuo-IFMU1gq6OA6eiQU0npd2Ev1T71d9b2hgC41V-KcHrPNQ1cyVcwiiGIk3PfgnW66ocPEu1m_M5i7dbzLaDwmKetefHntDs_mXXvoTxyB-PyQWoJMenSw08K6N00h8I0lh1tjKyVHtdTxYPJeSYPU7edwfx_07yHp5qWcB8H1OqPdMWlvbv17Tu64pxZ0KoRmFg3CKSfHKyDoIvJELak&sai=AMfl-YTF3GXNaxWN8dKFK-BYL_vtS-8ZtLcfUq_8_wlOvvFmrwcleqmefegzVLyZjPuPRPqGH3N-548Al5OM9JT9NL0kXusC5uFfU-u2AnPGqiFicJRoDLdgurpgYtGO6upC&sig=Cg0ArKJSzO5Hf6rvXvMFEAE&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/15002726667886746698? HTTP 302
https://tpc.googlesyndication.com/simgad/15002726667886746698

Request Chain 65

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D75844%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com%252Fbriefs%252Fbogus-android-clubhouse-app-drops-credential-swiping-malware%252F%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253DSCUS_Newswire_%257B%257B%252527now%252527%257Cdate%253A%252527%2525Y%2525m%2525d%252527%257D%257D%2526hmSubId%253D%257B%257Bcontact.cms_id_encrypted%257D%257D%2526email_hash%253D%257B%257Bcontact.email%257Cmd5%257D%257D%2526oly_enc_id%253D9352I9980323E7D&_=1616696683843 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D75844%2526tzOffset%253D-60%2526url%253Dhttps%25253A%25252F%25252Fwww.scmagazine.com%25252Fbriefs%25252Fbogus-android-clubhouse-app-drops-credential-swiping-malware%25252F%25253Futm_source%25253Dnewsletter%252526utm_medium%25253Demail%252526utm_campaign%25253DSCUS_Newswire_%25257B%25257B%25252527now%25252527%25257Cdate%25253A%25252527%252525Y%252525m%252525d%25252527%25257D%25257D%252526hmSubId%25253D%25257B%25257Bcontact.cms_id_encrypted%25257D%25257D%252526email_hash%25253D%25257B%25257Bcontact.email%25257Cmd5%25257D%25257D%252526oly_enc_id%25253D9352I9980323E7D%26_%3D1616696683843 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=7430666091954594850&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=75844&tzOffset=-60&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&_=1616696683843

Request Chain 73

https://api-52-10-46-90.b2c.com/api/x?iYIi8fk6mGgfPr2p$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vYnJpZWZzL2JvZ3VzLWFuZHJvaWQtY2x1YmhvdXNlLWFwcC1kcm9wcy1jcmVkZW50aWFsLXN3aXBpbmctbWFsd2FyZS8_dXRtX3NvdXJjZT1uZXdzbGV0dGVyJnV0bV9tZWRpdW09ZW1haWwmdXRtX2NhbXBhaWduPVNDVVNfTmV3c3dpcmVfe3slMjdub3clMjd8ZGF0ZTolMjclWSVtJWQlMjd9fSZobVN1YklkPXt7Y29udGFjdC5jbXNfaWRfZW5jcnlwdGVkfX0mZW1haWxfaGFzaD17e2NvbnRhY3QuZW1haWx8bWQ1fX0mb2x5X2VuY19pZD05MzUySTk5ODAzMjNFN0QiLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCRFcnJvcjogVHlwZUVycm9yOiBDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnc2V0SXRlbScgb2YgbnVsbCIsInNlc3Npb25TdG9yYWdlJDEkMSIsImFwcENvZGVOYW1lJDEkTW96aWxsYSIsImFwcE5hbWUkMSROZXRzY2FwZSIsImFwcFZlcnNpb24kMSQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkb05vdFRyYWNrJDEkIiwiaGFyZHdhcmVDb25jdXJyZW5jeSQxJDE2IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkTGludXggeDg2XzY0IiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQxJDEiLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsImZvbnRyZW5kZXIkNyQxIiwid2ViZ2wkOSRuL2EiLCJ0aW1lJDkkMTYxNjY5NjY4Mzg3MSIsInRpbWV6b25lJDkkLTYwIiwicGx1Z2lucyQ5JE5vbmUiLCJtZW0tdG90YWxKU0hlYXBTaXplJDkkMTAiLCJtZW0tdXNlZEpTSGVhcFNpemUkOSQxMCIsIm1lbS1qc0hlYXBTaXplTGltaXQkOSQzNzYwIiwidGltZS1mZXRjaFN0YXJ0JDkkMTUzIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ5JDE1MyIsInRpbWUtZG9tYWluTG9va3VwRW5kJDkkMTUzIiwidGltZS1jb25uZWN0U3RhcnQkOSQxNTMiLCJ0aW1lLWNvbm5lY3RFbmQkOSQxNTMiLCJ0aW1lLXJlcXVlc3RTdGFydCQ5JDE1NCIsInRpbWUtcmVzcG9uc2VTdGFydCQ5JDI3NSIsInRpbWUtcmVzcG9uc2VFbmQkOSQyNzciLCJ0aW1lLWRvbUxvYWRpbmckOSQyODAiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDkkNzM5IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDkkMCIsIm5hdmlnYXRpb24tdHlwZSQ5JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDE4JDIuMTg1IiwiZ2xvYmFscyQxOCQxM2FiY2QxZiIsImRvY3VtZW50LXRpbWUkMjMkMS4zNSIsImRvY3VtZW50JDI0JDYxODhjM2YwIiwiY29ubmVjdGlvbiQyNCQiLCJkb3dubGlua01heCQyNCQiLCJnZXRVc2VyTWVkaWEkMjQkMiIsImNsb2NrJDMwJDIxMzgiLCJiYXR0ZXJ5JDM3JDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQzNyRwcm9tcHQiLCJpbnRlcnNlY3Rpb24tc2l6ZSQ2NiQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kNjYkNDUiLCJhdWRpb2NvbnRleHQkNjYkZjdlNzEyZDkiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkNzAkcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkNzAkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDcwJHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDcwJHByb21wdCIsInNvcnQkMTMzJDE4LjI0NSIsImZyYW1lcmF0ZSQxMzMkMzA~ HTTP 302
https://v4-api-52-10-46-90.b2c.com:444/api/4?iYIi8fk6mGgfPr2p

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844&google_gid=CAESEMKxqRE__cHKlzCPg1OUggU&google_cver=1

125 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/
Redirect Chain

https://cra.omeclk.com/portal/wts/ugmcnr-d4Baqog2h3c%5EcerFAkqEgpsFEfdto9na
https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmS...

76 KB
17 KB

121ms
121ms

Document
text/html

2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

fa37452d89b7a0c41976af5d096a3717a37592fe27036938193e567bd738525a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.scmagazine.com
:scheme: https
:path: /briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=de77ee0f3ee78d2f2a6025a69bef067131616696683; expires=Sat, 24-Apr-21 18:24:43 GMT; path=/; domain=.scmagazine.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie,X-WPENGINE-SEGMENT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-frame-options: SAMEORIGIN
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/" <https://www.scmagazine.com/wp-json/wp/v2/newsml_post/115653>; rel="alternate"; type="application/json" <https://www.scmagazine.com/?p=115653>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 090c3ac1f500002c19170de000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8qTA0KTYhZl%2BOCcp2oTAmXm8bIQ0PDiNHCoNPLu07cfRErQY5Vv8gagFuzS4%2F5b9vBP89KSb9rh7YdiMEYjjq35gSvDIQhLswNk5LPfukDNMM4MQPD0YMmweW4rnEOg%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 635a2d7cbfc02c19-FRA
content-encoding: br

Redirect headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Location: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{'now'|date:'%Y%m%d'}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Content-Length: 0
Date: Thu, 25 Mar 2021 19:24:42 CET
Server: Apache

GET
H2 200 style.min.css
www.scmagazine.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 17ms
14ms Stylesheet
text/css 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 713263
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27800002c193d8de000000001
last-modified: Wed, 17 Mar 2021 12:11:33 GMT
server: cloudflare
etag: W/"6051f1f5-e358"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nj5PegMxA4npPNFRmNwo0F3WL%2B6cvXtxy4Y4YflSYSn6nyGOdRs4ObtQx%2BMPgx4USWm6rPOkq%2BbIEgSZTvgkTAI9Ge9wUsAyFtUA%2FIZe9O72NzYYZFdzNoq6j1DRsio%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d8a0e2c19-FRA

GET
H2 200 blocks.style.build.css
www.scmagazine.com/wp-content/plugins/cra-block-webcast-speaker/dist/ 749 B
578 B 22ms
19ms Stylesheet
text/css 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/cra-block-webcast-speaker/dist/blocks.style.build.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca37bf1c015f6ec3fe5202b335909d309c3f599e98f29810c1fff90451fb1fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6775484
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27c00002c194aafc000000001
last-modified: Wed, 06 Jan 2021 08:11:45 GMT
server: cloudflare
etag: W/"5ff570c1-2ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BByBqJALmR1gMlEhYhMCBKHa2yeZnYv2lGKKb298abOYY%2BYh0drNC0xC5qjj70BNmx0DBuWItoLIGDhyTUi9oS0X24O7CoF9g2KSr%2FqZr%2BDySRcdtvKEI5vgHw%2BhwZo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d8a142c19-FRA

GET
H2 200 shared-style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 48 KB
6 KB 22ms
19ms Stylesheet
text/css 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/shared-style.min.css?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c14a8290acb46be64049515cd5e3f390cfc0b024ed8315ec7e103bb31d0080b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27a00002c192d2a8000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-c073"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=liUNol3Kl9343UJnLXcCAnvjRtHpOCLDJCHJo6Wza0OoQ4Ji5vGJn6WhDCu0Khsh6SFWaJFfMxXq0nTLItV8ehcz%2FvKdnjQV%2B9EeZelSsIXiHv2Q0UpztoJ150b%2BqBE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d8a162c19-FRA

GET
H/1.1 200 olytics.css
olytics.omeda.com/olytics/css/v3/p/ 28 KB
3 KB 152ms
149ms Stylesheet
text/css 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/css/v3/p/olytics.css?ver=1.0.4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 22 Nov 2020 17:38:02 GMT
Server: Apache
ETag: W/"28730-1606066682000"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Mar 2021 00:24:43 GMT

GET
H2 200 style.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 280 KB
32 KB 24ms
21ms Stylesheet
text/css 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/style.min.css?ver=1616607554

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd1d4467ce25ac23eb090a623e648c0b760890aa9b29e12cf6a7bb6fb2143385

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 89060
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27a00002c195688c000000001
last-modified: Wed, 24 Mar 2021 17:39:14 GMT
server: cloudflare
etag: W/"605b7942-45f93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nAVOTmZXB99q%2BvSXLBq2%2FMboakSuEWSN6BaRCI15N3xbSWbK5MihIh5%2Bg0VOupeubUgDhKeRtrh9Isa6JnPQaRZI9u0tssi8AkF1bv1Iz0wdnSKxoN%2Bdkf7CtxNg%2Bx8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a1a2c19-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
530 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 17:39:50 GMT
server: ESF
date: Thu, 25 Mar 2021 18:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H2 200 lytics.min.css
www.scmagazine.com/wp-content/themes/haymarket/dist/css/ 37 KB
3 KB 15ms
12ms Stylesheet
text/css 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/css/lytics.min.css?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27a00002c195c949000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-95f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HrbmeNrCDy9kBUu1bciwRxFd7pppQCRc9xFWonK2VX3MMgu8Y6ePiCEtjy%2FXz1i7EnjQXGkHckkTBaUfdTijgGZfbrM0b0m%2BCTlAyMMvjwgP2rVZA4a85wn2h%2BFYJQg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a1b2c19-FRA

GET
H2 200 css
fonts.googleapis.com/ 702 B
461 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bree+Serif&ver=0.1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b34b5f8c62763df4b14ac8364ae7022cfc2389be4a115bfd5a2cb5506ce41b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 17:55:20 GMT
server: ESF
date: Thu, 25 Mar 2021 18:24:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H2 200 jquery.min.js Show response
www.scmagazine.com/wp-includes/js/jquery/ 87 KB
30 KB 25ms
23ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5623403
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27b00002c191d076000000001
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r0UIg3phPWzA3SBrO5KWesGH2NJ41IM79DJW0KeiL3vppjRFAWEVc6%2FRBXZAGFOHs64vynsOT6uZ9aOKeo7yTMUrRL%2BlUcyWFy2Zw3ApFhK4y8HEmlEhDkKaeIN36IM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a1d2c19-FRA

GET
H2 200 jquery-migrate.min.js Show response
www.scmagazine.com/wp-includes/js/jquery/ 11 KB
4 KB 23ms
20ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5623403
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27b00002c1975a36000000001
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
etag: W/"5fb63b61-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ONJ1huBNbuYQ6MNWWGabmjvayGFiGzD8euUttqmhl6%2Fo9nkdwlaXgpCTrG8g5E8daCOtRq4yXaeb6AS6wQxe6TKgN7aVJA%2BNBDdPFLc3lsScDMQolVtdgYMbGjLJCrQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a1e2c19-FRA

GET
H2 200 cookie.min.js Show response
www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/ 2 KB
1 KB 16ms
14ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/mu-plugins/cookie-controller/js/cookie.min.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 12137960
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27b00002c1962215000000001
last-modified: Tue, 17 Dec 2019 09:37:13 GMT
server: cloudflare
etag: W/"5df8a1c9-834"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Vez0sU6CBPyuPsbUtClqUv%2BiX4rOcr5hQKahTogbZBZOHIb%2BPBGXHN92NsZ03zCavU1PQawFxA2tbIWOd6mKPMSeT35w0MH4AyBkOPC18T6BHtvk7CEIRHL1a8zxjw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a202c19-FRA

GET
H2 200 hm-olytics-beacon.js Show response
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 1 KB
799 B 16ms
15ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 713466
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27c00002c1941b68000000001
last-modified: Thu, 25 Feb 2021 10:43:38 GMT
server: cloudflare
etag: W/"60377f5a-421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpoESS78hJm8fu4cQHLYM7TNlxvJZL1W%2FwHAO8rdAjiGl8h%2Blr31p55Oxh3OGmJGcaGva3pRXTI03gix1nQHqZNBRTyFQBY1q%2B36p%2Bzjns3qssvzI0Dw38vksgSYwDs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a222c19-FRA

GET
H2 200 UtilityMove-custom.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/ 2 KB
1 KB 30ms
28ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/vendor/UtilityMove-custom.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27f00002c198939f000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-751"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9p%2F6B1gTm58m6mfY0wdCh3MC1CPyDw%2BNSAVZkY9WNYeBxHxQyzGCh9JJm9Fe8gPml9ZoE7iIEp5AMRqC16pdfkYd1LvlvePiyVVk4FICJFI%2BPg2OGaHPZL76g0AptJM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a242c19-FRA

GET
H2 200 polyfill.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/ 102 KB
33 KB 26ms
25ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/js/frontend/polyfill.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27d00002c1943a88000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-19873"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B5ViQL1Y22WaEeVhfTf4rtYidmmUExkfEkKrZYA8aGn0xroZbMwjcER%2FrDwfQ0fpYMWmTXE37to5KKy7f9etbgT4YtjE1W2HU8o2TJfRI339aJ%2BR%2F810%2FRfmbCO5Lzo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a292c19-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ece0dedc172c2dc1ecd1f1324c6f3e3cdd76a06e83688d0d85c5853374c4213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "823 / 287 of 1000 / last-modified: 1616680504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19685
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H2 200 head.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 43 KB
12 KB 20ms
19ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/head.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9bcb1cc2cb1d0cf031ef290b4df3594eb3e4486db13dfcf1f74c3e2a3e7460

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac27e00002c19708a8000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-ac71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i8AvTLHF5vh3TU0SuPr8GEQRoCaQy6%2FA44BiqoXHsUgWV1zo56%2F0WIne64SBV%2BUn%2BZq4%2BQannX9bCOeB3dWCiZp0STaoeYNQaGF%2Fn%2BthDoCQB%2B64eMot5Ov%2BfNFOrTY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7d9a2d2c19-FRA

GET
H2 200 SC-MEDIACYBERSOURCEnotag.jpg
www.scmagazine.com/wp-content/uploads/2020/01/ 37 KB
38 KB 12ms
12ms Image
image/webp 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/01/SC-MEDIACYBERSOURCEnotag.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7628aebcdb63eb0dc126fa57ffcb0ee507df4c2a851b0c176e347b3174fc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 8049
cf-polished: origFmt=jpeg, origSize=141243
content-disposition: inline; filename="SC-MEDIACYBERSOURCEnotag.webp"
vary: Accept
content-length: 38184
cf-request-id: 090c3ac30e00002c192f097000000001
last-modified: Tue, 21 Jan 2020 20:09:10 GMT
server: cloudflare
etag: "5e275a66-227bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4VEgNeOOSZohguhNS7HrhQkTsj5JyNFy9qZeeEFN9%2BM%2F2CHju86UZStWPDBYwI%2FBsidD5XJdQhDdr1L1a3AryOIGSj48K8Eu9w%2FKpocYL9ok%2BYR99OPHnKj9KzdEFU8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 635a2d7e7c292c19-FRA
cf-bgj: imgq:100,h2pri

GET
H2

200

WIS_Category.jpg
www.scmagazine.com/wp-content/uploads/2020/10/
Redirect Chain

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category.jpg
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category.jpg

24 KB
24 KB

37ms
37ms

Image
image/webp

2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ccbfc1b382f564f55d62e74b96d2ba307e20a9e24ec81a4b312facf0115ebf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 605649
cf-polished: origFmt=jpeg, origSize=32071
content-disposition: inline; filename="WIS_Category.webp"
vary: Accept
content-length: 24432
cf-request-id: 090c3ac32600002c19708b5000000001
last-modified: Fri, 23 Oct 2020 19:45:05 GMT
server: cloudflare
etag: "5f9332c1-7d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BBHix6%2BpVjbzaAJRfo2%2B1Ob3Z9vTK1Cxg51ql%2B47kHSbiJr%2Fb9iNq0I2L6Dr5V2IlzW9eGn3QlUgfav4xpMHs2pjIaj1QyzF5NY8EjmzM4v2VL%2FL0W%2BpDFudAElfpNc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 635a2d7eac882c19-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I6qGS6lQq%2Fc3zi6fGDczZeHkmdrhkdtkjhBQk7rjouZPDqDuST1vPdrO2wLpkXO9maCQzEkPryJCiA9ZQsao2SmWI6WL%2BzGVwue0WhVAcDwOL4Ko6b%2BBGgC4xSd7G5Q%3D"}],"max_age":604800,"group":"cf-nel"}
location: https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category.jpg
cache-control: max-age=3600
strict-transport-security: max-age=15552000
cf-ray: 635a2d7e9c562c19-FRA
cf-request-id: 090c3ac31b00002c1975a46000000001
expires: Thu, 25 Mar 2021 19:24:43 GMT

GET
H2

200

WIS_Category_NEW3.png
www.scmagazine.com/wp-content/uploads/2020/10/
Redirect Chain

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category_NEW3.png
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW3.png

68 KB
69 KB

18ms
18ms

Image
image/webp

2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb5715d55cc019b082a09f7c21af37a0dbc58fbb1504642904dfd2a0efb308fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 246510
cf-polished: origFmt=png, origSize=138407
content-disposition: inline; filename="WIS_Category_NEW3.webp"
vary: Accept
content-length: 69696
cf-request-id: 090c3ac35a00002c190dab6000000001
last-modified: Fri, 23 Oct 2020 21:20:21 GMT
server: cloudflare
etag: "5f934915-21ca7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i08rzrorNEYXni5rMRj1uxv%2BMNHhamzkUMXPes5Bx7NHDdWmXbSW8hLusVxcwifTxQESbfJAEXfWTnUvi4vht7xr3N6tuPz9zOXUg1odNT%2BjFN6v4Bhh7IBh8mh%2FLYA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 635a2d7efd372c19-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j3LPc5CjKaJ2BzUoRZuw98YmhgjrfT%2BuohNfqRSgrRdhH6Gtlh%2BHgNxs6YS%2BolAONQeodSgVzAI7lVOoinIWmCdj2o58zytcltPtNqFrcDLOpr7GqPx5JD1%2BWn%2BZWyk%3D"}],"max_age":604800,"group":"cf-nel"}
location: https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW3.png
cache-control: max-age=3600
strict-transport-security: max-age=15552000
cf-ray: 635a2d7eed062c19-FRA
cf-request-id: 090c3ac34d00002c19132fe000000001
expires: Thu, 25 Mar 2021 19:24:43 GMT

GET
H2

200

WIS_Category_CyberVeterans.png
www.scmagazine.com/wp-content/uploads/2020/11/
Redirect Chain

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/11/WIS_Category_CyberVeterans.png
https://www.scmagazine.com/wp-content/uploads/2020/11/WIS_Category_CyberVeterans.png

56 KB
57 KB

14ms
14ms

Image
image/webp

2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/11/WIS_Category_CyberVeterans.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4319d3c755ba162f9b1d5b7557ff75a4b92d4d90496e51e577753e7a3a5fbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 605101
cf-polished: origFmt=png, origSize=91795
content-disposition: inline; filename="WIS_Category_CyberVeterans.webp"
vary: Accept
content-length: 57656
cf-request-id: 090c3ac37b00002c1963a09000000001
last-modified: Mon, 02 Nov 2020 17:03:57 GMT
server: cloudflare
etag: "5fa03bfd-16693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l3LOWJkI4rcJSII%2BlIA%2BZqGvnc4UEwkasC3CErAzM4nHBpwypIOalsBEzWh%2FtJ7ZKfhG7yFiqnRejh44iuHjjwadEGL2dF0NQ20l2ycMA1d4Xfj12GkDHwzlEKcjSrU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 635a2d7f2db52c19-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HznU3xKN94YXq5SXa2Sc%2ByyR7her4hyWeaEgfpY2mdZIEPAtMamGMgZHzC7arfT48Ijg4mmXwX6qruiUFf9lt9%2FhQpOiA%2B0b56glMIOUh2rkwz9o1VVb4FB1C8UNJks%3D"}],"max_age":604800,"group":"cf-nel"}
location: https://www.scmagazine.com/wp-content/uploads/2020/11/WIS_Category_CyberVeterans.png
cache-control: max-age=3600
strict-transport-security: max-age=15552000
cf-ray: 635a2d7f1d762c19-FRA
cf-request-id: 090c3ac36c00002c197aa9d000000001
expires: Thu, 25 Mar 2021 19:24:43 GMT

GET
H2

200

WIS_Category_NEW4.png
www.scmagazine.com/wp-content/uploads/2020/10/
Redirect Chain

https://www.scmagazine.com/wp-content/uploads/sites/2/2020/10/WIS_Category_NEW4.png
https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW4.png

55 KB
55 KB

15ms
12ms

Image
image/webp

2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b14536c00a6ed83d9131542f43205d26a2991623b670bb74d76cf27e418592

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2426901
cf-polished: origFmt=png, origSize=105335
content-disposition: inline; filename="WIS_Category_NEW4.webp"
vary: Accept
content-length: 56254
cf-request-id: 090c3ac3cd00002c195c96b000000001
last-modified: Fri, 23 Oct 2020 21:20:19 GMT
server: cloudflare
etag: "5f934913-19b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MNr2Y%2FDtr9KeCq2h%2BNWvg3jmg8O3gSCccjOctrUrvQAbUKlUNfVgjGNUBvQpmQj1SdnPWHdRPEdqwq1d2o73k%2F%2FFnX7SiSIJcNeH1PQkhPVTwiAYbKPgNXTRPr28Qk4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 635a2d7faee72c19-FRA
cf-bgj: imgq:100,h2pri

Redirect headers

date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bb3EjJg9hms2ddfdnLHq0GGh%2ByPgJZF9v6G%2FYt2dHK0%2B2Gi%2B8Nwnam9x3fIl1cWVDmzVUSrE5FCxfvjHs4velD6rUXXtLpvRGp9QSGwTmd09GsJmY26FucGp6PZmi3k%3D"}],"max_age":604800,"group":"cf-nel"}
location: https://www.scmagazine.com/wp-content/uploads/2020/10/WIS_Category_NEW4.png
cache-control: max-age=3600
strict-transport-security: max-age=15552000
cf-ray: 635a2d7f4df82c19-FRA
cf-request-id: 090c3ac38a00002c194a04c000000001
expires: Thu, 25 Mar 2021 19:24:43 GMT

GET
H2 200 spinner.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/ 694 B
871 B 19ms
19ms Image
image/svg+xml 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src/spinner.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 10087084
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac38b00002c197811a000000001
last-modified: Tue, 17 Dec 2019 09:37:16 GMT
server: cloudflare
etag: W/"5df8a1cc-2b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pIR91p7wZjepS1XewRAnKamE6bqdgBJPz5RUDdQog0K0XnqkFNFzMCCwqTJC7y9XfOmDY8vf7mE1xPUPyLnY3OT7k0E5gWsTY3ZAnA8%2Fz%2ByhVwR8n1ADYODBUbfFBxw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7f4dfc2c19-FRA

GET
H2 200 email-decode.min.js Show response
www.scmagazine.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 8ms
8ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 090c3ac2a000002c192f08e000000001
last-modified: Tue, 16 Mar 2021 22:16:23 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60512e37-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sIOwhg9VdkFX8bbWBBOxCiEMMk%2BFTI9QVYdvW8YdEJQsvFfVragE9GrWGHS%2F8I6dThcY0s0pj6qjrvU0ygEatA9sc%2Fw3KfMPiSd1Q8LGAecxOV2ah6OyJBOVGWej17k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 635a2d7dca8f2c19-FRA
expires: Sat, 27 Mar 2021 18:24:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 161 KB
52 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc367e9f5c93b6eed0f23d6fb7b9df08cc13e4924c6774d6188c760622aca609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53076
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H2 200 blocks.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/blocks.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afd4d6b0313d25f689ed18a3ead599ce543f82035f33dda56ca529a0d7981f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446198
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac2af00002c196fbf4000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-1fb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=31znY5IFTpt0oNgSPyU2QW5vF70150YU6V4i1hlFr3UwhR84knfVmuncy9U9aWQdyZNuqLyGf6um3zfYtO8uVgGyep54%2FY1Lqza3vSMtUux%2FrTNQg%2B1qkUo1P%2B%2BM7I4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7deacd2c19-FRA

GET
H2 200 hm-olytics-page-tag.js Show response
www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/ 239 B
503 B 14ms
13ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-page-tag.js?ver=1.0.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c4e5ffb84f98caaa33a1ccdfe81fe0a6d76c025cebf712fbcd3199e28f0031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 713466
vary: Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac3b900002c196c3c4000000001
last-modified: Wed, 17 Mar 2021 12:11:33 GMT
server: cloudflare
etag: W/"6051f1f5-ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Foe9IRgZ37HWzEo%2F548zbJTRth3rgb5tU896zGuzPVx472tUOa6%2BxJTDbVhpdgIOZBw5KbSrA30J32kXVdWmAOgwYTxw2RSqMTaTD4AeDmgciLczkc%2FsaON5bCSVbdo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7f8e9a2c19-FRA

GET
H/1.1 200
OK hmi-registration-ui.manifest.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 870 B
1 KB 532ms
142ms Script
application/javascript 52.217.50.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.manifest.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.50.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e8095cad5b71456e02e88835892814dba44009f6403b5a84416db008e5d357f

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: X6P2G5H44CASYGPV
ETag: "da9d29c4843b0bac5dd6ef34da93b22e"
Content-Type: application/javascript
x-amz-version-id: lBVwAglHDmp6fLxZy4fz12pXZDZUxHyZ
Accept-Ranges: bytes
Content-Length: 870
x-amz-id-2: cIsfbS1JVi4FNpoxzgNP+WjEA3b8p9zBYzULmr0y671txkjn9rSiNk5snQ+o+44Uhl6KFkLs/8g=

GET
H/1.1 200
OK hmi-registration-ui.vendor.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 357 KB
357 KB 540ms
144ms Script
application/javascript 52.217.50.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.vendor.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.50.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e1c678764d16a66f783dfd8bee93916cf2b055635cef0362bc0640b610df5b5

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: X6P4Q2GJ4P5DARS3
ETag: "3d50e45eac853d7ff5898c6e8355f1cb"
Content-Type: application/javascript
x-amz-version-id: wulLLPFCPRcEdDRYL1_1QW.A2D.Je67N
Accept-Ranges: bytes
Content-Length: 365126
x-amz-id-2: cD3P9dMFkvHRMxvkCoyzoywss+DzQBRKzefRiAF9WDB0eSj2EgaUsbwOjVQxXtVotXUMc5xCdQM=

GET
H/1.1 200
OK hmi-registration-ui.bundle.js Show response
s3.amazonaws.com/haymarket-reg-js/develop/production/ 1 MB
1 MB 557ms
155ms Script
application/javascript 52.217.50.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/haymarket-reg-js/develop/production/hmi-registration-ui.bundle.js?ver=0.1.1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.50.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f8c3bc6b4612e018296f32dec014b0e8d4c8ef0c7ff449f26a28b641d3497da1

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
Last-Modified: Tue, 11 Aug 2020 02:56:01 GMT
Server: AmazonS3
x-amz-request-id: X6P8DN3YWW97MBXE
ETag: "7f48d5418252c54a9baf9ce1a74980be"
Content-Type: application/javascript
x-amz-version-id: P5VRJucwn2qmvNWevdaMGPbAlXCLHFuw
Accept-Ranges: bytes
Content-Length: 1322506
x-amz-id-2: WZ3xqXhp0uIj09cuiBa2VHCWaPqQtFnkejYvqwin2FlzsCgMtB2hUi7nYb/SwnPXyz6XAGqfoYE=

GET
H2 200 frontend.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 139 KB
34 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2822d278051ae981b2652bb06e8b3fe430ba1d5f803ae07c9a0580e6a7588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446197
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac2c000002c19639f8000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-22c6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pk68L1acZTNifRUpvZABAvgLE%2BNR3tsCSJNwjbm3gkg%2BtSPrh86arF%2FoOGCVqzu4tF4FHfUNJVwxPXdMNFqLzyDtYTa8OIkN%2B5OH%2Bvtb6EvcKI0kHeCSyX%2B9mDwZnLY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7dfb052c19-FRA

GET
H2 200 iab.min.js Show response
www.scmagazine.com/wp-content/themes/haymarket/dist/js/ 8 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d0b1a9de0c9552e3fa4072ae4007a3a98a1855fc2736dd46dacaf121441eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446197
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac2da00002c1932248000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-1ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bEfjGNpFWGfa%2FS7KESFtitT7Tj%2BuvslEzCUelIZJA%2BHXSiEA5t5A1soURGRsCKDFdklkDcTSIk4gXobs9%2FFkX0UqZKXsfB6e5sfxDPBIwXNBcouJmV0PJ7e0lgMoEBw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7e2b542c19-FRA

GET
H2 200 wp-embed.min.js Show response
www.scmagazine.com/wp-includes/js/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-includes/js/wp-embed.min.js?ver=5.7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 713466
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac2ea00002c19398d4000000001
last-modified: Tue, 09 Mar 2021 08:28:27 GMT
server: cloudflare
etag: W/"604731ab-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7m7xodgoV2dnQwpHzbQCQ0YS4ig41v7qkcMkIms%2FUcRPcICfr9%2Fx6tsktWucCvJrynaLiTxZrALqhAkiDX4cyOccD%2F%2FGnRY2jse1raCQVZBE0LLSVCJDdqtoZtYpls%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7e4ba12c19-FRA

GET
H/1.1 200 olytics.min.js Show response
olytics.omeda.com/olytics/js/v3/p/ 271 KB
73 KB 156ms
156ms Script
application/javascript 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/plugins/hm-olytics-beacon/js/hm-olytics-beacon.js?ver=1.0.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Feb 2021 23:44:02 GMT
Server: Apache
ETag: W/"277271-1614123842000"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Accept-Ranges: bytes
vary: accept-encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Mar 2021 00:24:43 GMT

GET
H2 200 src.svg
www.scmagazine.com/wp-content/themes/haymarket/assets/svg/ 33 KB
9 KB 18ms
18ms Other
image/svg+xml 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-content/themes/haymarket/assets/svg/src.svg?ver=1614249820

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2446197
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-request-id: 090c3ac3bd00002c1975a55000000001
last-modified: Thu, 25 Feb 2021 10:43:40 GMT
server: cloudflare
etag: W/"60377f5c-8317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JqH4KBJFM1Jm5DbePsCbyPphzvWJqufMAkjbOjXbrGs%2Fl774454tI4sSKaRXErk67rb5ehQz%2BXPiBFbtwoR12A5g2zzHXoqseM7yeF%2Bj0KG3SJ3GlLRD177msMSCU3o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 635a2d7f8e9e2c19-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 15:17:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 11204
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 25 Mar 2022 15:17:59 GMT

GET
H2 200 pubads_impl_2021031801.js Show response
securepubads.g.doubleclick.net/gpt/ 286 KB
100 KB 53ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102478
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 03:49:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 52489
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Fri, 25 Mar 2022 03:49:54 GMT

GET
H3-Q050 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v17/ 24 KB
24 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.scmagazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 02:33:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:06 GMT
server: sffe
age: 143486
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
expires: Thu, 24 Mar 2022 02:33:17 GMT

GET
H2 200 lio.js Show response
c.lytics.io/api/tag// 40 B
456 B 19ms
18ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag//lio.js

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4045
content-encoding: br
cf-request-id: 090c3ac434000005e4c9189000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kDDzr7yAsz%2Bn1vP8XGkMgjt8OBY9Lz%2FOyl%2Brj3kuleEF672BsXEnLeugv%2FysWQFhEMu4ggySyswi2ljbDouVCgeqrLq2arXx668IJbc83wrBA0AbsI2VLw%3D%3D"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 635a2d804f7b05e4-FRA

GET
H2 200 most-widget Show response
www.scmagazine.com/wp-json/haymarket/v1/ 5 KB
2 KB 293ms
292ms XHR
application/json 2606:4700:20::ac43:44ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scmagazine.com/wp-json/haymarket/v1/most-widget?id=most-5

Requested by

Host: www.scmagazine.com
URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/frontend.min.js?ver=1614249820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:44ea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

7da0e9b124405f1d1a7b97e8be52b87c446b1cc990b5610e7998ced38978621f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 57
strict-transport-security: max-age=15552000
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cf-request-id: 090c3ac43300002c195f113000000001
x-cache-group: normal
pragma: no-cache
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VFF21eUTRr2Ltc0ZoDPmKU0F9EJ1MxklZ3TAgJ4MDgKA7kn2BzTLiILgwFCLAubNYZjkNI8o82Q1cXCnwHDpiQGg8FAbrXd5yIEnejAfyx9nmZf9BRXznauGxMItSEQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=600, must-revalidate
cf-ray: 635a2d80585b2c19-FRA
link: <https://www.scmagazine.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5
date: Thu, 25 Mar 2021 18:24:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Mar 2021 20:24:38 GMT

GET
H2 410 7341.js
script.crazyegg.com/pages/scripts/0034/ 0
0 13ms
12ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0034/7341.js?449082
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
cf-cache-status: HIT
last-modified: Thu, 25 Mar 2021 12:43:37 GMT
server: cloudflare
age: 20466
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 635a2d8088064e80-FRA
content-length: 0
cf-request-id: 090c3ac45600004e8080164000000001

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 62ms
61ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 01:50:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 59638
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 14LrPjZtzIz4hsjm6QCsIxbiWt6uCqKDD3VLqge6dEKFhFimrJHhBQ==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 8ms
7ms Script
application/x-javascript 2a02:26f0:7100:18c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=20846
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 init-131xlxqjsfx7lh82dpc.js Show response
api.b2c.com/api/ 469 B
791 B 206ms
206ms Script
text/javascript 2606:4700:e4::ac40:a417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.b2c.com/api/init-131xlxqjsfx7lh82dpc.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHZ6C39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b3465fe21c461eddade8f637c5c3090fd99b31f216c215534a9a4d4135ec4a

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lgN4MCHSnSpUwoN2lnR%2BKUHaEE%2FZjcSgRcnnKN0gUgGDc6BB2akF%2F%2F5RZ1XqLS2TP3lUzDItFSDTEQ0Bwf77JUP5LcEQaQbW4XLPOgUDvalx%2B7BB73u3Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 635a2d809fc82c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090c3ac45a00002c3ae5a1d000000001
expires: -1

GET
H/1.1 200
OK dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js Show response
s.dpmsrv.com/ 108 KB
38 KB 184ms
182ms Script
application/x-javascript 13.226.159.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0e1496a92d5756e5d4da2993d5bf9af1d22fdf9afef1a830b044f9bee4bbc0e

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 22:29:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Oct 2020 14:40:15 GMT
Server: AmazonS3
Age: 71686
ETag: "f646e62f3bcaac64b7fc46d6b66c0ed9"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 38263
X-Amz-Cf-Id: yr6DoElAkbMf50whHaNq__XZ4Ls01x3aHcbS5gQuQ2K5LVYbuWxzKA==

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 78ms
77ms Script
application/javascript 52.18.215.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2522021
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.215.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-215-87.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 23:50:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=19563
Connection: keep-alive
Content-Length: 12550
Expires: Thu, 25 Mar 2021 23:50:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
372 B 81ms
80ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CSkin&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=pos%3D&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1616696683&dt=1616696683655&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=0&adks=1385187290&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2269&msz=1200x-1&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=516&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c0f894bf78f9ce19b782cf37bda57237f6b86384179aa718dc196c29cdfb2b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 32ms
16ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 94ms
93ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CPrestitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=pos%3D&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1616696683&dt=1616696683660&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=2268&adks=1753008912&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2269&msz=1600x1&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=4&ohw=1600&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b718959e57f4ad310cc47d5e2cbc65b72bee6dafb609409c2621740dcd6954e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3771
x-xss-protection: 0
google-lineitem-id: 5641914383
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342325908
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight_tag_errors.gif
px.ads.linkedin.com/ 43 B
404 B 198ms
198ms Image
image/gif 2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/insight_tag_errors.gif?v=2&pid=68780&error=URI%20malformed&href=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
server: Play
linkedin-action: 1
vary: Accept-Encoding
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: image/gif
content-length: 65
x-li-uuid: okE+eRGpbxaQsxg1dysAAA==

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TCMLVLP&t=gtm2&cid=1803363419.1616696684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c93e46aee76bd74ee44788a8191746b06cd28ac0d6c8217d7e457af33c629283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34706
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 62 B
572 B 64ms
63ms Script
application/javascript 52.18.215.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=84882&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&pv=1616696683694_elemudyg4&bl=en-us&cb=2123591&return=&ht=&d=&dc=&si=1616696683694_elemudyg4&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2522021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.215.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-215-87.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 18:24:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 147
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 208ms
207ms Script
application/javascript 3.214.0.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2522021
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2522021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.0.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-0-136.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 18:24:43 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 26 Mar 2021 18:24:43 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=2086280394&t=pageview&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&ul=en-us&de=UTF-8&dt=Bogus%20Android%20Clubhouse%20app%20drops%20credential-swiping%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAAADQAAAAC~&jid=1723643529&gjid=1754990867&cid=1803363419.1616696684&tid=UA-1290429-10&_gid=719015590.1616696684&_r=1&gtm=2wg3h0MHZ6C39&cd1=115653%3A0&cd2=&cd3=SC%20Staff&cd4=50&cd5=newsml_post&cd6=&cd7=&cd9=2021-03-19&cd10=164&cd12=&cd14=&cd15=&cd66=&cd70=&z=1626369785

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1290429-10&cid=1803363419.1616696684&jid=1723643529&gjid=1754990867&_gid=719015590.1616696684&_u=aCjAAAACQAAAAC~&z=87077398

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Mar 2021 18:24:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1290429-10&cid=1803363419.1616696684&jid=1723643529&_u=aCjAAAACQAAAAC~&z=268898299

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1290429-10&cid=1803363419.1616696684&jid=1723643529&_u=aCjAAAACQAAAAC~&z=268898299

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6D86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 044b9eb888146c31d6e1be89fabd833c352d1f10f98bf15bfcd7d76699317aaf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

15002726667886746698
tpc.googlesyndication.com/simgad/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOHw8TxuICZKcA9fmPg9Vhxphua0iXrOLB7n-EJF4pNTxNKAt7eca5oIeTvKZ0DKK8qfR6AhOuHBUtETYxcl_gXv481RiUonQZHvH3ggren9NLeIP87zT9cvjGnI5srsxJC6tU7u5km...
https://tpc.googlesyndication.com/simgad/15002726667886746698?

131 KB
131 KB

8ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15002726667886746698?

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b510adc7de1c652f886fa28731ea40e2b2b94606f80ae37d6c210ade3915c9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 06:46:54 GMT
x-content-type-options: nosniff
age: 41869
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134088
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 22:52:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 06:46:54 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://tpc.googlesyndication.com/simgad/15002726667886746698?
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585787019197"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28245
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:43 GMT

GET
H2 200 pp.js Show response
api-52-10-46-90.b2c.com/s/ 12 KB
5 KB 17ms
16ms Script
text/javascript 2606:4700:e4::ac40:a417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-52-10-46-90.b2c.com/s/pp.js
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865de4cfa5e42ddb0e0c3ddba2ced28a31786a76ed314a8d32d18d40aeff50d3

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Mar 2021 16:18:04 GMT
server: cloudflare
age: 4845
etag: W/"6058c33c-2fdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2tk7YdlqAY6c9Vq%2F9BoAFhsXQ7Ch1Io5DUR11q9NltUBe89KyfK5lmhplwSkAwyhXAJXPACdx3lRVp%2BRpDhjIQkq0ohSU3vjLzpTsnMp49Lcx6lqvp7vc1Id%2BT4npiR35c2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 635a2d81fab12c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090c3ac53d00002c3ada295000000001

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D1122%26pixelIndex%3D0%26r%3D75844%26tzOffset%3D-60%26url%3Dhttps%253A%252F%252Fwww.scmagazine.com...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D1122%2526pixelIndex%253D0%2526r%253D75844%2526tzOffset%25...
https://a.dpmsrv.com/dpmpxl/index.php?id=7430666091954594850&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=75844&tzOffset=-60&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops...

243 B
997 B

140ms
140ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=7430666091954594850&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=75844&tzOffset=-60&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&_=1616696683843
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: 2cd94986af2d2e1350f0278b2b0e74616a507f50b57ae2671d82528e1d0d7f07

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 218
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 18:24:44 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: add15597-6fe8-4203-921c-73159d9118ea
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=7430666091954594850&q=xImp&v=1.x&cl=1122&pixelIndex=0&r=75844&tzOffset=-60&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&_=1616696683843
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ad.gif
api-52-10-46-90.b2c.com/api/ 43 B
396 B 211ms
210ms Image
image/gif 2606:4700:e4::ac40:a417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-52-10-46-90.b2c.com/api/ad.gif
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hU9B2NJbiiXTMVdBPWbR3Wb%2BNQwjtvLQ9BF%2F0HNjNtELTiy0sizkQn6rDSjHgF9bka7NL%2F8RAY9Rr1RrG3ldU%2Bm%2Bl54FmHNi0Bop9hJyFJHnA1I%2BK4BmgKiK4jdG1BCinOVWjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 635a2d825b752c3a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
cf-request-id: 090c3ac57a00002c3aea177000000001

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 179ms
179ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 25 Mar 2021 18:24:43 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 159ms
159ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 25 Mar 2021 18:24:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 23ms
23ms Fetch
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 7077728925628168260
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:43 GMT

OPTIONS
H/1.1 200 olytics
oqs.omeda.com/oqs/rest/ Frame 0
0 166ms
165ms Preflight
text/plain 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Protocol

HTTP/1.1

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 600
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Type: text/plain
Content-Length: 0
Date: Thu, 25 Mar 2021 18:24:43 GMT
Server: Apache

POST
H/1.1 200 olytics Show response
oqs.omeda.com/oqs/rest/ 15 B
307 B 150ms
150ms XHR
application/json 204.180.130.165
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oqs.omeda.com/oqs/rest/olytics

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.165 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 25 Mar 2021 18:24:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

HEAD
H3-Q050 200 gpt.js
www.googletagservices.com/tag/js/ 0
0 14ms
14ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "823 / 317 of 1000 / last-modified: 1616680504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19685
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:44 GMT

GET
H/1.1

200
OK

4 Show response
v4-api-52-10-46-90.b2c.com/api/
Redirect Chain

https://api-52-10-46-90.b2c.com/api/x?iYIi8fk6mGgfPr2p$dXJsJDAkaHR0cHM6Ly93d3cuc2NtYWdhemluZS5jb20vYnJpZWZzL2JvZ3VzLWFuZHJvaWQtY2x1YmhvdXNlLWFwcC1kcm9wcy1jcmVkZW50aWFsLXN3aXBpbmctbWFsd2FyZS8_dXRtX3...
https://v4-api-52-10-46-90.b2c.com:444/api/4?iYIi8fk6mGgfPr2p

43 B
441 B

206ms
206ms

XHR
image/gif

52.10.46.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-52-10-46-90.b2c.com:444/api/4?iYIi8fk6mGgfPr2p
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.46.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-46-90.us-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 18:24:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: openresty
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: null
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
Expires: -1

Redirect headers

date: Thu, 25 Mar 2021 18:24:44 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-52-10-46-90.b2c.com:444/api/4?iYIi8fk6mGgfPr2p
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: https://www.scmagazine.com
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u0ZJSP0jOpL5wugPjXsGvxO0f2gOJVlN4w8jAWjJxV7PbYv%2B1bCWDSoxOtLSk%2FZBKcKyWH%2BylMp2DYopPLxp0eEdZdfExYOzVL%2BvNuUCgXW%2BAROP4HWWO1RmFwi77xuWJL%2BgxQ%3D%3D"}]}
access-control-allow-credentials: true
cf-ray: 635a2d8409514e2b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090c3ac68700004e2ba0966000000001

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844&google_gid=CAESEMKxqRE__cHKlzCPg1OUggU&google_cver=1

0
598 B

135ms
133ms

Script
text/javascript

3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844&google_gid=CAESEMKxqRE__cHKlzCPg1OUggU&google_cver=1
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=7430666091954594850&pixelIndex=0&_=1616696683844&google_gid=CAESEMKxqRE__cHKlzCPg1OUggU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
42 B 49ms
48ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=7430666091954594850
Requested by: Host: www.scmagazine.com
URL: https://www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware/?utm_source=newsletter&utm_medium=email&utm_campaign=SCUS_Newswire_{{%27now%27|date:%27%Y%m%d%27}}&hmSubId={{contact.cms_id_encrypted}}&email_hash={{contact.email|md5}}&oly_enc_id=9352I9980323E7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

POST
H2 200 x
api-52-10-46-90.b2c.com/api/ 0
401 B 212ms
212ms Other
text/plain 2606:4700:e4::ac40:a417
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-52-10-46-90.b2c.com/api/x?iYIi8fk6mGgfPr2p$YWRibG9jayQzMDUkMA~~
Requested by: Host: api-52-10-46-90.b2c.com
URL: https://api-52-10-46-90.b2c.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090c3ac72900002c3aceacd000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=McVy2kJ4ogCMwLje76Bkt%2Fk0tuP5dJPCfA0Rmd68JVD3PnIbybceWEumAiPERkdnooyuEZBQfnE%2FjLPv20b%2F%2BilVIyXaz%2BNAhHG12whHO1evXcP77Ud1SxAmrIlOR2d8Bm0QiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 635a2d8509a22c3a-FRA
expires: -1

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d85e6fa93a5310f5ab42fb0e4276d186a20c5dd39bf9a0b8ea49613f37776fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6511
x-xss-protection: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 140A 0
181 B 66ms
65ms Document
text/html 52.208.188.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&upid=e4qkh98&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.188.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-188-183.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=znpsh7f&ref=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&upid=e4qkh98&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=2086280394&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&ul=en-us&de=UTF-8&dt=Bogus%20Android%20Clubhouse%20app%20drops%20credential-swiping%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F&el=25%25&ev=25&_u=aCjAAAADQAAAAC~&jid=&gjid=&cid=1803363419.1616696684&tid=UA-1290429-10&_gid=719015590.1616696684&gtm=2wg3h0MHZ6C39&z=1465001603

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 12:28:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:44 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 86B2 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.scmagazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.scmagazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 25 Mar 2021 16:17:32 GMT
expires: Fri, 25 Mar 2022 16:17:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7632
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 86B2 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 13670
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Fri, 25 Mar 2022 14:36:54 GMT

GET
H/1.1 200
OK index.php Show response
a.dpmsrv.com/dpmpxl/ 5 B
1 KB 134ms
133ms Script
text/javascript 3.229.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=20986004&cl=1122&pixelIndex=0&r=337104&tzOffset=-60&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&id=7430666091954594850&_=1616696683845
Requested by: Host: s.dpmsrv.com
URL: https://s.dpmsrv.com/dpm_00fd4b4549a1094aae926ef62e9dbd3cdcc2e456.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.100.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-100-58.compute-1.amazonaws.com
Software: /
Resource Hash: fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 31
Expires: 0

GET
H/1.1 200
OK seg
ib.adnxs.com/ 43 B
1 KB 53ms
53ms Image
image/gif 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/seg?member=%env(APPNEXUS_ID)&add=20986004

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 18:24:44 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid: 00ade319-eac0-44be-abc9-63f191882f65
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031801&jk=3861284811742753&bg=!GRqlGl7NAAbUo7L91KM7ACkAdvg8WouF9rzxQiJBL0wbsOlHx5HKtN3ExJGJ_Ras6cI0ulahECypuwIAAAB6UgAAAA1oAQcKAchh_HYZXJLvnt0l-vL1cZ1raX0_wf3k8r6N0U2GnNulRN7W_OdBLYMjK-_qGE7Ountaei-Zdw1BLIbhfiE21qGR6uL7whdZo5ajLbaqs356GC73IbVg1rUIPqAbPmKEu9fRAHf1IK-LGd6L6WZzgYTgaMjBwAyRTvgJXjDXtHMn792SitRyFkyOY1lDKnrDgrZLWGQVNAAUlbo66YceO5mTEfLJfLiuMB1RAs6Fit7qnYc3eyXuJL8PeF-te0k_pwefdFi93TKCfstYeNcTrNHNL48eo5pdVqczBmV7NPO6JB09IPTzZ5-eqwoFBxz5roTKexeQS-kXrOTWhnQjXw-7xZSgFVQ7LOKyMU3rpUiC6hTv-WjWby7Ko75bOjUZRs9SSroRuz7OnR1R6wbAOgk5khOeHW5Mlnq-9zJax9cpn7WcGMJYX1Su9cDLvc0miuvdhn8Fcea4P4RL0XNNngu3xMXjslM2_Dkl1QgADcYCpQHC94lxuruNeWSYX-GpVyOrrxTRQMhNjYU3PWp2prEMZtanrKyOtb3x9r5D6VObA0rzIgbCzbPB5PPzwugaZhFiknVSjFOMB29Sk4zUeyal4teLrw8kH4qZAdEznlvpic2_Bvheh5Pu66oEs2E0td0SUpPufizzYcuFFm_5LLBFXt_wak8rkmpzVZMU_CJtArvrs-Gm3RJ7Phl824s3oxhZawrdeb2guDeohRQLzqr_dxJs_MoyQIYF8FIr90bAvsFSyQAa6gtbiA8e3RKYhSrJSn-Y4CzTzA5zgE31lwFtH7zxDZqPc76b06qbP_L4omaFu3flfxKf_SyUR35sBtqlJKRAiSPU_Rdgl5nsLU8m-e76w-k7IIH75reicRwzrt2Gs22ooSQT_eUzXjGK9YkJCHthEYE3HWG3FiP8weUd6ydsiR-I8z6d2qKBPEkpu9lp1FX4HSTHKHUJCF4gw5qQbXQZ16MlpG7TOhnxplt_M41pyp3bdODdLInIiKm0lYdv7931PKv26wrjS_rapDPad8bBCvDRXGUvn1Kim9p4qrXj4gfj8iJSBdVeb5eyj_B2RjMj54te7hXjIFF1QfErg8dsOIc-oPxmEQcxzcILWO32R93ZlIFVa19XshR0UncNr0SWhaeeGz5MiSaL32Jn_uEnu1AJfSlPF5yArKx1Eqoof-w3_OXzMafFltsJeQVVLpExSPi8mO-iRWTo3zjlCn0S7oKQa6sEMr0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200 p
olytics.omeda.com/olytics/segments/ Frame 0
0 150ms
150ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/p
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 25 Mar 2021 18:24:44 GMT
Server: Apache

OPTIONS
H/1.1 200 /
olytics.omeda.com/olytics/segments/form/check/ Frame 0
0 148ms
147ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/form/check/
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 25 Mar 2021 18:24:44 GMT
Server: Apache

OPTIONS
H/1.1 200 cswitch
olytics.omeda.com/olytics/segments/ Frame 0
0 148ms
147ms Preflight 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://olytics.omeda.com/olytics/segments/cswitch
Protocol: HTTP/1.1
Server: 204.180.130.159 , United States, ASN53866 (QTS-AS, US),
Reverse DNS: my.omedastaging.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.scmagazine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
vary: Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Headers: access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length: 0
Date: Thu, 25 Mar 2021 18:24:44 GMT
Server: Apache

POST
H/1.1 200 p Show response
olytics.omeda.com/olytics/segments/ 20 B
313 B 178ms
178ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/p

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 / Show response
olytics.omeda.com/olytics/segments/form/check/ 20 B
313 B 172ms
172ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/form/check/

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

POST
H/1.1 200 cswitch Show response
olytics.omeda.com/olytics/segments/ 20 B
313 B 147ms
147ms XHR
application/json 204.180.130.159
QTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://olytics.omeda.com/olytics/segments/cswitch

Requested by

Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.180.130.159 , United States, ASN53866 (QTS-AS, US),

Reverse DNS

my.omedastaging.com

Software

Apache /

Resource Hash

a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 25 Mar 2021 18:24:44 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
11 KB 102ms
101ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard1&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie=ID%3D88da03d186f9ff7d-2268871fe3ba0083%3AT%3D1616696683%3AS%3DALNI_MbnW-6lbC75kYN8_yVpe4xhNd7XyQ&bc=31&abxe=1&lmt=1616696685&dt=1616696685750&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=216&adys=170&adks=490734277&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x106&msz=1168x90&psts=AGkb-H9Nu-RHeER7iUWA9luTMuByIPoSX84zELBi12sKkpbkUVTFRX15xtXpeZazDSDF8WoAKZ33rWD-6TSLMZw%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7919d819ceb189db6991027833b6c50eb1c1c3ad61c3b6fe2b6ae1263fcb27d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11609
x-xss-protection: 0
google-lineitem-id: 5639645984
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342325314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F412 0
0 82ms
82ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvokQovfKCmiBJWBPctSFNKE3M4367LLlXycGbV5oSodF4w_afiJaJjYsENOKwgfTb-R0PQGNQp0SHAuKM5Irvlw1MxnlraQir7jBneenEWDBm7mEy1DnjEFjzzyufakCTDLQZUBjvDbNlnHepfQG8OOe5GVIM98zSELneRmWXxeKPxb1GR4M8jG-iMK-nzjtn7TxdF15N2q090SEwwp8iaV5aRRwj1sqQ0InFQI7SwJVvNr3Pgz2YKST2mXFBs2t7nNX5KhaOUc1P2lrX5K_y8hcyOvI18IKkhluu96LU2o5yk&sig=Cg0ArKJSzFcSF_KiTRlfEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame F412 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:23:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame F412 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:21:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F412 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:45 GMT

GET
H3-Q050 200 145082772911611829
tpc.googlesyndication.com/simgad/ Frame F412 41 KB
41 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/145082772911611829

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c33af80285d91a8e4208a1c273b2f0dc387726f992a06b02d597a73f7a7a18a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:10:17 GMT
x-content-type-options: nosniff
age: 29668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42075
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 22:50:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 10:10:17 GMT

GET
DATA 200
OK truncated
/ Frame F412 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 520b381a5ca7da96fac317cfeb9ed82e4f1bc835e8560b37b271462c31048ec8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F412 0
0 84ms
83ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9xb3rDngSXH1MSS9bnPSOIS8T8HOcmXw_R78jJW50Vrav_t9TWZUKJEbVqNZ6bhYFYyh9E6kzOGqzPXSn89orXpefkmJ-Z8OsexTpfv4Vejk6tt7cDHtSfZhFS66YXnTRGLWcXzLuVlLpd9bMxuraISkUr6QOUhCTTd-KzjSuYhLKyBIZg8DSamZRFlQsgpsmwy7W8kuH1wxFSzQxfxMWahsh4XSCsFIEIQbjKY50sWf0zjbMIcg0NJqlja7EOnCd419iCNPOXldO_OnIewp68YbZI8HXFb6V3S5myUREtGSzcRU&sig=Cg0ArKJSzP1HD4gthIRLEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Mar 2021 18:24:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
417 B 89ms
89ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CLeaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=pos%3Dleaderboard2%26lid%3D5639645984&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1616696686&dt=1616696686872&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=2232&adks=2588316086&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x2046&msz=1600x90&psts=AGkb-H8PE-dUMqaBe1JLI0sLAkBiIFy97E6-lCbNO_RfQI22Tqd3HPxR7EINAlDjG1tEU2JjkYZNJp4NZiiKc7w%2CAGkb-H9Nu-RHeER7iUWA9luTMuByIPoSX84zELBi12sKkpbkUVTFRX15xtXpeZazDSDF8WoAKZ33rWD-6TSLMZw%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=4&ohw=1600&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

592c3cccb05fe6dee17eb77f5acab4235ce8f1da28520b3e8ce012ce6854c399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F412 42 B
108 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQoFfNRKescRs11dvfbNS9Eu60r25hj99bi4SPvq-oZ_XxIAjaAqSjVHcLiwYlKr1h8srQvDnTvxZv46BxiMkPu8uOgReb__-ZFkKFe3g&sig=Cg0ArKJSzIwxSijswTetEAE&id=osdim&mcvt=1000&p=170,436,260,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210324&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=490734277&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616696685867&dlt=0&rpt=73&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
146 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
146 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.scmagazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 94ms
93ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C300x1050&prev_scp=pos%3Dbox1%26lid%3D5639645984%2Cnull&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie=ID%3D470b6f51df16d3f7-222febabe0ba00b5%3AT%3D1616696686%3AS%3DALNI_MZ2HfaUu4Y5rt8QfhBaRmk0MeoKRQ&bc=31&abxe=1&lmt=1616696687&dt=1616696687976&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=403&adks=607498164&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H8PE-dUMqaBe1JLI0sLAkBiIFy97E6-lCbNO_RfQI22Tqd3HPxR7EINAlDjG1tEU2JjkYZNJp4NZiiKc7w%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9Nu-RHeER7iUWA9luTMuByIPoSX84zELBi12sKkpbkUVTFRX15xtXpeZazDSDF8WoAKZ33rWD-6TSLMZw%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=4&ohw=1600&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

880e77d9ac0f0e73a45c0a9a60d15cd40366ce887c8a3e37d8cbb51747a398c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11706
x-xss-protection: 0
google-lineitem-id: 5639645984
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138342325317
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
12 KB 108ms
108ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3861284811742753&correlator=1500310278356600&output=ldjh&impl=fif&eid=31060550%2C31060367%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-38&ecs=20210325&iu_parts=21883553441%2CBox&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dbox2%26lid%3D5639645984%2Cnull&eri=1&cust_params=pagetype%3Dnewsml_post%26author%3DJill%2520Aitoro%26postID%3D115653%26env%3Dlive%26sid%3D%26cat%3DMalware%26isnht%3Dfalse&cookie=ID%3D470b6f51df16d3f7-222febabe0ba00b5%3AT%3D1616696686%3AS%3DALNI_MZ2HfaUu4Y5rt8QfhBaRmk0MeoKRQ&bc=31&abxe=1&lmt=1616696687&dt=1616696687983&dlt=1616696683121&idt=499&frm=20&biw=1600&bih=1200&oid=3&adxs=1084&adys=2432&adks=1048971383&ucis=6&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=AGkb-H8PE-dUMqaBe1JLI0sLAkBiIFy97E6-lCbNO_RfQI22Tqd3HPxR7EINAlDjG1tEU2JjkYZNJp4NZiiKc7w%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9Nu-RHeER7iUWA9luTMuByIPoSX84zELBi12sKkpbkUVTFRX15xtXpeZazDSDF8WoAKZ33rWD-6TSLMZw%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1803363419.1616696684&ga_sid=1616696684&ga_hid=2086280394&ga_fc=false&fws=4&ohw=1600&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad66c6587d4dce47c3a074ccaf109ac68b0ee1df514014664d8a010a02a224a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11749
x-xss-protection: 0
google-lineitem-id: 5248479770
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321331474
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.scmagazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0B1 0
0 81ms
81ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcOt843pCAmeREj8BF4upoGKJ5LiB3Be204D2nTTXTRl4pxYoRfKnQT7-9OhNmtqBG2vbVXyT7ykNYOIzkHibo6GT6bV5ao6wXrHn-teHP8uo9gn783YZm1tWUy9_qUoop4M8Fuq5bFePpj0bFG5AY9ZRDqt0gKH34W2BKYgxFJKKJC_DkV6OvSqNH3ZMZcuOaCXdm96KhJBYUjfhulvBZVdEb05ncXXM_miDzaKX7wWaF1BUk-f9e5w-qy0J96FeMcqjGPg9xJyiqyGjId9nwOOimnTdRux7mKJVz0yU&sig=Cg0ArKJSzLtyTGS0XNySEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame B0B1 17 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:23:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame B0B1 2 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:21:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0B1 118 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B0B1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2lfFe867mJKLyvRCLAWx8kpTJn_XETdoq_U1wvsavHgAiZYh48nPBjHJw-DTU4NtrrW7T
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 12223003550181143819
tpc.googlesyndication.com/simgad/ Frame B0B1 53 KB
54 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12223003550181143819

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50a636a228743fa78971231862e7bfebccbd636268de6a34c61f3ca3777364d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 10:12:40 GMT
x-content-type-options: nosniff
age: 288728
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54734
x-xss-protection: 0
last-modified: Tue, 09 Mar 2021 22:50:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 10:12:40 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D01B 0
0 81ms
81ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHHoqYNmsIlc0YA70cje_ODOPMgmeVq5E6J6VM0UDEzwJJuPFg-cIVzGiIlEzoxXPlsfUN36zsGkYgOs_KKbZf0tKrstVEo-DVbQPWQ5j8h2cMz1r8i338E857rIITfbBfIujg9WOHfd-VWcg2d2ryuQeiKNxW7jc4rwKfcTf2VD-ZKewq9mB6-wI4DkUuDJx91NA4oQCbdXsOCQrg-sC499_KtS3wqshuXZ6LkR1KYjTMixa9ULN7tVSPjFdpGoKVXSGgJc53cIIZ8movbVQnP6wqHZHYL6YNXhNWHXM&sig=Cg0ArKJSzAaEKQKH0tM4EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/ Frame D01B 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 14491782869175424788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:23:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame D01B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Apr 2021 18:21:07 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D01B 118 KB
36 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:24:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616585768493349"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36563
x-xss-protection: 0
expires: Thu, 25 Mar 2021 18:24:48 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D01B 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfQ-Q0NfiUNzzyn546eE4Aq8LyKckejn10RO95GUGYXeNJ6aMI3V5WJ_-Q8e7pq6WrMCO8
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 6437931825489883698
tpc.googlesyndication.com/simgad/ Frame D01B 104 KB
104 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6437931825489883698

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde6c8f2d12960ffe22f3f0179ccefd3e565641c5bdcd54ad9d8f512c79c6d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 03:30:32 GMT
x-content-type-options: nosniff
age: 53656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106534
x-xss-protection: 0
last-modified: Sat, 14 Dec 2019 15:48:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 03:30:32 GMT

GET
DATA 200
OK truncated
/ Frame B0B1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4f81c6b87bcaa445f7af0251f1a1a780324b2f25ba864852e0c016f7239982b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0B1 0
0 76ms
76ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOHejgwdlT9Utcadf_gbmUBlkaeKYJcDX1l30zfwEQgqtA6fcpoAimMW8-EkxhZ3zrFIyqhhUFjwM6aCEVAu7VEfLQYDtHQGO0FIKBa4_FS2EwFdxQNcAzcQQzrwgahEBmK8Lk7_SbUbp-sc8kcIqlxFjroPzgjf_hgtth_kZ9FL6xrfmYjvaEdnAya9pxsRSGDnaT5Z0tqnzNyCwN8g8alhTN5QtBn5sqX1uk15RqLu4UYHYy8TpzTAKtjgWhunPuAgWtW-JaFpPGAvvBS5EVni39_YQVjhB6QnvnxCIuZQ&sig=Cg0ArKJSzCqgOdBrvJV3EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Mar 2021 18:24:48 GMT

GET
DATA 200
OK truncated
/ Frame D01B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b357102afe720e8710d6bf2d0d06c5207b76f3dd39881bc34b5a7bc9db2d1936

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D01B 0
0 77ms
76ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvtaTYWg34jIqAq-llf3t876R7E7q_4IbbSajiKCBS25voTsSsJ3YVPu9I27kOhK-9M8_HPGHCL2Zn1NQdfs6v_XindWPpjdwQsXkswdtkFmevEcW0iOow4O4rJneIdKUiArlAveQM6ffE4ORJEIf3BCE-Dckr5kx0efs5bsc98HH7g4L7nvVMC_cyLwrs-d2zxYAr0NeHsqN4AN-g4abMNF4iPciGkDSfCYjuNCrnS2yuY-5o9CZbz2RQU387m5xqMIyOYpr6d_79fYCVgietpOQsh8lXIPlciq4lzfnSJg&sig=Cg0ArKJSzOJyFgOCmOixEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Mar 2021 18:24:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 25 Mar 2021 18:24:48 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B0B1 42 B
89 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyiUQXThO9u4paw8qxkrkKrObJk7aVf6Om1BLQBtwg1ODEd2W3INRkOQ2sjnaI1jDMAg7m1AOJkKB7K1_CKtxa8WB91wXYwjke1EKC9fA&sig=Cg0ArKJSzAQtBYkYX1BbEAE&id=osdim&mcvt=1000&p=403,1084,653,1384&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210324&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=607498164&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616696688081&dlt=0&rpt=58&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 18:24:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=2086280394&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.scmagazine.com%2Fbriefs%2Fbogus-android-clubhouse-app-drops-credential-swiping-malware%2F%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3DSCUS_Newswire_%7B%7B%2527now%2527%7Cdate%3A%2527%25Y%25m%25d%2527%7D%7D%26hmSubId%3D%7B%7Bcontact.cms_id_encrypted%7D%7D%26email_hash%3D%7B%7Bcontact.email%7Cmd5%7D%7D%26oly_enc_id%3D9352I9980323E7D&ul=en-us&de=UTF-8&dt=Bogus%20Android%20Clubhouse%20app%20drops%20credential-swiping%20malware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Engagement&ea=Beacon&_u=aCjAAAADQAAAAC~&jid=&gjid=&cid=225058012.1616696662&tid=UA-1290429-10&_gid=1234980742.1616696694&gtm=2wg3h0MHZ6C39&cd13=No&z=1398913186

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.scmagazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 12:28:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21390
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scmagazine.com/	1970-01-20 01:50:32	Name: oly_anon_id Value: %22118313cf-3c52-41d7-a51c-fa586178772c%22
.scmagazine.com/	1970-01-20 01:50:32	Name: oly_enc_id Value: %229352I9980323E7D%22
.scmagazine.com/	1970-01-20 02:26:32	Name: __gads Value: ID=88da03d186f9ff7d-2268871fe3ba0083:T=1616696683:S=ALNI_MbnW-6lbC75kYN8_yVpe4xhNd7XyQ
www.scmagazine.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 34.024
www.scmagazine.com/	1970-01-23 08:40:56	Name: _ccmsi Value: 1616696683694_elemudyg4\|1616696683694
.scmagazine.com/	1970-01-19 17:06:23	Name: _gid Value: GA1.2.719015590.1616696684
.scmagazine.com/	1970-01-19 17:04:56	Name: _gat_UA-1290429-10 Value: 1
.scmagazine.com/	1970-01-20 10:36:08	Name: _ga Value: GA1.2.1803363419.1616696684
.scmagazine.com/	1970-01-19 17:48:08	Name: __cfduid Value: de77ee0f3ee78d2f2a6025a69bef067131616696683
www.scmagazine.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
www.scmagazine.com/briefs/bogus-android-clubhouse-app-drops-credential-swiping-malware	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.scmagazine.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://c.lytics.io/api/tag//lio.js(Line 1) Message: Missing required params.
console-api	log	URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46) Message: olytics fire called
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] start beginTest
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] adding bait node to DOM
console-api	log	URL: https://www.scmagazine.com/wp-content/themes/haymarket/dist/js/iab.min.js?ver=1614249820(Line 1) Message: [ABD] exiting test loop - value: false

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15bc07d6ae308859f18b13a34fe71c4a.safeframe.googlesyndication.com
a.dpmsrv.com
adservice.google.com
adservice.google.de
api-52-10-46-90.b2c.com
api.b2c.com
c.lytics.io
cm.g.doubleclick.net
cra.omeclk.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
in.ml314.com
insight.adsrvr.org
js.adsrvr.org
ml314.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
px.ads.linkedin.com
s.dpmsrv.com
s3.amazonaws.com
script.crazyegg.com
securepubads.g.doubleclick.net
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v4-api-52-10-46-90.b2c.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.scmagazine.com
13.226.146.155
13.226.159.66
142.250.185.130
142.250.185.226
185.33.221.52
204.180.130.159
204.180.130.165
205.162.42.171
2606:4700:20::681a:216
2606:4700:20::ac43:44ea
2606:4700::6813:9408
2606:4700:e4::ac40:a417
2620:119:50e1:101::6cae:b25
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9d
2a02:26f0:7100:18c::25ea
3.214.0.136
3.229.100.58
35.244.174.68
52.10.46.90
52.18.215.87
52.208.188.183
52.217.50.30
01b14536c00a6ed83d9131542f43205d26a2991623b670bb74d76cf27e418592
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044b9eb888146c31d6e1be89fabd833c352d1f10f98bf15bfcd7d76699317aaf
0afd4d6b0313d25f689ed18a3ead599ce543f82035f33dda56ca529a0d7981f6
0ccbfc1b382f564f55d62e74b96d2ba307e20a9e24ec81a4b312facf0115ebf3
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1a9bcb1cc2cb1d0cf031ef290b4df3594eb3e4486db13dfcf1f74c3e2a3e7460
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29778a6252b89c79ad8a313692c3f4b8ff5e300c463858732f28da488dd2cc05
2cd94986af2d2e1350f0278b2b0e74616a507f50b57ae2671d82528e1d0d7f07
3ab2acc5edb2198c0c0c25a5a4a470df2a048c69e982d11b4b96f22b21332fe2
3ad66c6587d4dce47c3a074ccaf109ac68b0ee1df514014664d8a010a02a224a
3cc4d52780a21eb51474c98c4693fd91cd8d2fc583e33a16dad087809f61cdc9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c33af80285d91a8e4208a1c273b2f0dc387726f992a06b02d597a73f7a7a18a
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
50a636a228743fa78971231862e7bfebccbd636268de6a34c61f3ca3777364d6
520b381a5ca7da96fac317cfeb9ed82e4f1bc835e8560b37b271462c31048ec8
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
592c3cccb05fe6dee17eb77f5acab4235ce8f1da28520b3e8ce012ce6854c399
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e8095cad5b71456e02e88835892814dba44009f6403b5a84416db008e5d357f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6557812bb342a14c23635e24733f11e5752f9807a85053be80b6fbd955a34ed9
68330f6767efe4ea90f23cb4bb722810d19758395bc24f59c7c893c0d4ae69ce
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7919d819ceb189db6991027833b6c50eb1c1c3ad61c3b6fe2b6ae1263fcb27d8
7da0e9b124405f1d1a7b97e8be52b87c446b1cc990b5610e7998ced38978621f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865de4cfa5e42ddb0e0c3ddba2ced28a31786a76ed314a8d32d18d40aeff50d3
866e74600600f8647c979414828f3538d646101dc8504de84c2ed00e30460811
880e77d9ac0f0e73a45c0a9a60d15cd40366ce887c8a3e37d8cbb51747a398c4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8e1c678764d16a66f783dfd8bee93916cf2b055635cef0362bc0640b610df5b5
8f78cfd70561bfbb767311940126a4ccdfe36f1b955a5fd385df8617bca6417a
90a260084cfdf97ada7a8e0650eb310a4206d79f1b3a53225d2b9053cc9e4c13
9ece0dedc172c2dc1ecd1f1324c6f3e3cdd76a06e83688d0d85c5853374c4213
a4319d3c755ba162f9b1d5b7557ff75a4b92d4d90496e51e577753e7a3a5fbfd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f81c6b87bcaa445f7af0251f1a1a780324b2f25ba864852e0c016f7239982b
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
abb1dd7905b3797711e15609800d43cabead4c0358dc0030a1932a20e82a37d7
b34b5f8c62763df4b14ac8364ae7022cfc2389be4a115bfd5a2cb5506ce41b79
b357102afe720e8710d6bf2d0d06c5207b76f3dd39881bc34b5a7bc9db2d1936
b510adc7de1c652f886fa28731ea40e2b2b94606f80ae37d6c210ade3915c9b4
b5b3465fe21c461eddade8f637c5c3090fd99b31f216c215534a9a4d4135ec4a
b718959e57f4ad310cc47d5e2cbc65b72bee6dafb609409c2621740dcd6954e7
bc367e9f5c93b6eed0f23d6fb7b9df08cc13e4924c6774d6188c760622aca609
bde6c8f2d12960ffe22f3f0179ccefd3e565641c5bdcd54ad9d8f512c79c6d89
c0e1496a92d5756e5d4da2993d5bf9af1d22fdf9afef1a830b044f9bee4bbc0e
c0f894bf78f9ce19b782cf37bda57237f6b86384179aa718dc196c29cdfb2b78
c14a8290acb46be64049515cd5e3f390cfc0b024ed8315ec7e103bb31d0080b6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c93e46aee76bd74ee44788a8191746b06cd28ac0d6c8217d7e457af33c629283
ca37bf1c015f6ec3fe5202b335909d309c3f599e98f29810c1fff90451fb1fda
cac02e231c61068da6a4e6c177f2ccd14a5360aa3509af3be992bfbbad0c127b
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffef365e4b53f1a6e9d33a7d42c0d1542b573360f774069589240f75f0e84f1
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d17c5960d10953cc9057006480986d62c352bfd9fa78db9cf222307b414bc747
d85e6fa93a5310f5ab42fb0e4276d186a20c5dd39bf9a0b8ea49613f37776fe7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e705dfac9d3d11ae87071979b2bbb52db73d03fff6252c1b73ce5b3c7ebb6e9c
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
eb5715d55cc019b082a09f7c21af37a0dbc58fbb1504642904dfd2a0efb308fc
ece5f25bbc643556099a200aa2df5c428d74048e55db71c1880afd1adcb425a9
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c4e5ffb84f98caaa33a1ccdfe81fe0a6d76c025cebf712fbcd3199e28f0031
f1d0b1a9de0c9552e3fa4072ae4007a3a98a1855fc2736dd46dacaf121441eed
f2554304acc687068f6dd84b750d742d1233e7ab21bf29837c68dfafc15dcc86
f8c3bc6b4612e018296f32dec014b0e8d4c8ef0c7ff449f26a28b641d3497da1
fa37452d89b7a0c41976af5d096a3717a37592fe27036938193e567bd738525a
fa7628aebcdb63eb0dc126fa57ffcb0ee507df4c2a851b0c176e347b3174fc6f
fb2822d278051ae981b2652bb06e8b3fe430ba1d5f803ae07c9a0580e6a7588c
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fd1d4467ce25ac23eb090a623e648c0b760890aa9b29e12cf6a7bb6fb2143385

www.scmagazine.com Open in urlscan Pro 2606:4700:20::ac43:44ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

100 %HTTPS

56 %IPv6

23 Domains

35 Subdomains

33 IPs

5 Countries

3092 kBTransfer

4970 kBSize

11 Cookies

17 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.scmagazine.com Open in urlscan Pro
2606:4700:20::ac43:44ea Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

100 %
HTTPS

56 %
IPv6

23
Domains

35
Subdomains

33
IPs

5
Countries

3092 kB
Transfer

4970 kB
Size

11
Cookies

125 HTTP transactions
4 data transactions