www.newnettechnologies.com Open in urlscan Pro
2606:4700:3108::ac42:286a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Submission: On December 26 via manual (December 26th 2021, 5:35:18 pm UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 30 domains to perform 136 HTTP transactions. The main IP is 2606:4700:3108::ac42:286a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newnettechnologies.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.

This is the only time www.newnettechnologies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2606:4700:310... 2606:4700:3108::ac42:286a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
8	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
3 5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 8	2600:9000:215... 2600:9000:2156:8000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:215... 2600:9000:2156:d000:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	34.253.133.188 34.253.133.188	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
136	34

49 2606:4700:3108::ac42:286a (United States)

ASN13335 (CLOUDFLARENET, US)

www.newnettechnologies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:8000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:d000:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

184731.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e9cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.133.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	newnettechnologies.com www.newnettechnologies.com	443 KB
9	adroll.com 2 redirects s.adroll.com d.adroll.com	77 KB
8	6sc.co j.6sc.co c.6sc.co b.6sc.co	14 KB
7	google.de www.google.de	1 KB
6	google-analytics.com www.google-analytics.com	57 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	205 KB
5	clarity.ms 1 redirects e.clarity.ms c.clarity.ms	24 KB
5	hubspot.com api.hubspot.com forms.hubspot.com track.hubspot.com	4 KB
5	googleadservices.com 3 redirects www.googleadservices.com	29 KB
5	google.com www.google.com	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	tctm.co 184731.tctm.co	19 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	12 KB
4	googletagmanager.com www.googletagmanager.com	207 KB
3	facebook.net connect.facebook.net	133 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	facebook.com www.facebook.com	313 B
2	hsforms.com forms.hsforms.com	1013 B
1	licdn.com snap.licdn.com	2 KB
1	hubapi.com api.hubapi.com	993 B
1	usemessages.com js.usemessages.com	21 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hscollectedforms.net js.hscollectedforms.net	26 KB
1	zoominfo.com ws.zoominfo.com	477 B
1	hs-scripts.com js.hs-scripts.com	1 KB
1	adnxs.com secure.adnxs.com	704 B
136	30

	Domain	Requested by
49	www.newnettechnologies.com	www.newnettechnologies.com
8	s.adroll.com	2 redirects www.googletagmanager.com www.newnettechnologies.com s.adroll.com
7	www.google.de	www.newnettechnologies.com
6	b.6sc.co	www.newnettechnologies.com
6	www.google-analytics.com	www.newnettechnologies.com www.google-analytics.com www.googletagmanager.com
5	www.googleadservices.com	3 redirects www.googletagmanager.com
5	www.google.com	www.newnettechnologies.com
4	184731.tctm.co	www.googletagmanager.com 184731.tctm.co
4	www.googletagmanager.com	www.newnettechnologies.com www.googletagmanager.com js.hsadspixel.net
3	connect.facebook.net	js.hsadspixel.net connect.facebook.net
3	e.clarity.ms	bat.bing.com e.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.newnettechnologies.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.gstatic.com	www.google.com www.googletagmanager.com www.gstatic.com
3	fonts.googleapis.com	www.newnettechnologies.com
2	www.facebook.com
2	px.ads.linkedin.com	2 redirects
2	forms.hsforms.com	www.newnettechnologies.com
2	c.clarity.ms	1 redirects www.newnettechnologies.com
2	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
2	api.hubspot.com	js.usemessages.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	js.hsadspixel.net
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	c.bing.com	1 redirects
1	d.adroll.com	s.adroll.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	ws.zoominfo.com	www.newnettechnologies.com
1	js.hs-scripts.com	www.googletagmanager.com
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	www.newnettechnologies.com
136	41

This site contains links to these domains. Also see Links.

Domain
partners.nntws.com
resources.newnettechnologies.com
www.infosecurity-magazine.com
www.linkedin.com
twitter.com
www.facebook.com
blog.newnettechnologies.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.tctm.co Amazon	`2021-10-09` - `2022-11-06`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Frame ID: 222BAE3B917807286C0323476EFCA7FC
Requests: 133 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 70048B49D37F44790E91DE33FB706699
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Researchers Discover a Dozen US Web Servers Hosting 10 Malware Families

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

136
Requests

95 %
HTTPS

80 %
IPv6

30
Domains

41
Subdomains

34
IPs

5
Countries

1410 kB
Transfer

4251 kB
Size

41
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://partners.nntws.com/Log-yourself-in.html?__hstc=108489117.b9981f1d6daefc883ccaa02a4972cf1b.1640540115666.1640540115666.1640540115666.1&__hssc=108489117.1.1640540115666&__hsfp=1433769858
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://resources.newnettechnologies.com/risk-based_security_guide
Title: Risk-Based Security Guide

Search URL Search Domain Scan URL

URL: https://resources.newnettechnologies.com/secureops-ebook
Title: SecureOps™ eBook

Search URL Search Domain Scan URL

URL: https://resources.newnettechnologies.com/fim-buyers-guide
Title: File Integrity Monitoring

Search URL Search Domain Scan URL

URL: https://resources.newnettechnologies.com/vm-buyers-guide
Title: Vulnerability Management

Search URL Search Domain Scan URL

URL: https://resources.newnettechnologies.com/watch-demo-on-demand
Title: On-Demand Demo

Search URL Search Domain Scan URL

URL: https://www.infosecurity-magazine.com/news/us-web-servers-hosted-10-malware-1/
Title: Bromium

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2231736

Search URL Search Domain Scan URL

URL: https://twitter.com/NNT_SecureOps

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newnettechnologies

Search URL Search Domain Scan URL

URL: https://blog.newnettechnologies.com/blog/rss.xml

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NewNetTechnologies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://s.adroll.com/j/exp/ND3PZ7ZIHFBTVIAD4NHCK6/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 76

https://s.adroll.com/j/pre/ND3PZ7ZIHFBTVIAD4NHCK6/FL256QDDV5CGVLZEVJ2HZR/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 83

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D

Request Chain 100

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&RedC=c.clarity.ms&MXFR=20DA977E707D6D8C127E8667747D638B HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&MUID=1DA62D6ADEFC60E41DA73C73DF9761F4

Request Chain 105

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D

Request Chain 107

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D

Request Chain 123

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D28054%26time%3D1640540116148%26url%3Dhttps%253A%252F%252Fwww.newnettechnologies.com%252Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&liSync=true&e_ipv6=AQKcIgQp2GAfKAAAAX33z5XyPLzd2L8yKFuYdNQrsvgq0iydQZQdJvmtk8UlGhpnRdxzkIDC

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html Show response
www.newnettechnologies.com/ 63 KB
16 KB 613ms
576ms Document
text/html 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bfb3419ba6a816ce8fda9ac306789ffb32cca76a84f713af79a620041a01ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
permissions-policy: interest-cohort=()
vary: Accept-Encoding
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 26 Dec 2021 17:35:12 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c3c1075ca862484-FRA
content-encoding: gzip

GET
H2 200 template.css
www.newnettechnologies.com/templates/nntws6/css/ 79 KB
17 KB 28ms
26ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/css/template.css

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6261d267224f8c78155639c4d7b45194839e19d6533a3d5348146c4793f82ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275443
content-length: 17654
last-modified: Wed, 16 Jun 2021 13:22:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "13b61-5c4e1fbf4feb3-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c107988612484-FRA
expires: Thu, 30 Dec 2021 13:04:29 GMT

GET
H2 200 kunena.css
www.newnettechnologies.com/templates/nntws6/css/ 355 B
361 B 27ms
25ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/css/kunena.css

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d4feae86be7a9a23ab96dfda823a3c639adf258363ec24e2c5970a546282db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273301
content-length: 224
last-modified: Thu, 14 May 2020 12:22:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "163-5a59abeff86bd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c107988652484-FRA
expires: Thu, 30 Dec 2021 13:40:11 GMT

GET
H2 200 styles.css
www.newnettechnologies.com/media/plg_engagebox_yesno/css/ 664 B
484 B 20ms
18ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/plg_engagebox_yesno/css/styles.css?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36bb5bd502c8e89465eb96f9b21d0275da6471e8d23a5eed4c5b246464efba18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 488105
content-length: 318
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "298-5d340c17457ca-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c107988672484-FRA
expires: Tue, 28 Dec 2021 02:00:07 GMT

GET
H2 200 engagebox.css
www.newnettechnologies.com/media/com_rstbox/css/ 8 KB
2 KB 34ms
32ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/css/engagebox.css?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ea15154c632ed53555607cf5ab40809233c436c39a6a99597fa0872d7184e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 279191
content-length: 2091
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "1f57-5d340c16e8395-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c107988682484-FRA
expires: Thu, 30 Dec 2021 11:13:33 GMT

GET
H2 200 rokbox.css
www.newnettechnologies.com/plugins/system/rokbox/assets/styles/ 31 KB
9 KB 35ms
33ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/plugins/system/rokbox/assets/styles/rokbox.css

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6898b8832e80f974a2e05c02d20ee37bfe0f6d5789af07188f5610021d639512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 273301
content-length: 9439
last-modified: Thu, 22 Apr 2021 08:46:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "7a07-5c08bb68a935c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c1079886a2484-FRA
expires: Mon, 27 Dec 2021 22:12:00 GMT

GET
H2 200 jquery.min.js Show response
www.newnettechnologies.com/templates/nntws6/js/jui/ 87 KB
30 KB 21ms
19ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/js/jui/jquery.min.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 670
content-length: 30905
last-modified: Wed, 10 Nov 2021 14:19:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "15d9d-5d06feb6aed95-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c1079886b2484-FRA
expires: Wed, 29 Dec 2021 00:58:39 GMT

GET
H2 200 jquery-noconflict.js Show response
www.newnettechnologies.com/media/jui/js/ 21 B
161 B 22ms
22ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/jui/js/jquery-noconflict.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 673
content-length: 21
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "15-5d2e10477fc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107a9a0f2484-FRA
expires: Wed, 29 Dec 2021 00:59:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.newnettechnologies.com/media/jui/js/ 10 KB
4 KB 32ms
26ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/jui/js/jquery-migrate.min.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 667
content-length: 4014
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "2748-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aba3b2484-FRA
expires: Wed, 29 Dec 2021 05:24:06 GMT

GET
H2 200 caption.js Show response
www.newnettechnologies.com/media/system/js/ 491 B
491 B 160ms
153ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/system/js/caption.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-length: 336
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "1eb-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca422484-FRA
expires: Wed, 29 Dec 2021 01:30:30 GMT

GET
H2 200 bootstrap.min.js Show response
www.newnettechnologies.com/media/jui/js/ 28 KB
8 KB 29ms
22ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/jui/js/bootstrap.min.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
content-length: 7747
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "71c6-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca432484-FRA
expires: Wed, 29 Dec 2021 02:25:27 GMT

GET
H2 200 core.js Show response
www.newnettechnologies.com/media/system/js/ 9 KB
3 KB 26ms
19ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/system/js/core.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
content-length: 3363
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "221f-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca442484-FRA
expires: Wed, 29 Dec 2021 05:24:02 GMT

GET
H2 200 velocity.js Show response
www.newnettechnologies.com/media/com_rstbox/js/vendor/ 44 KB
16 KB 23ms
21ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/vendor/velocity.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0186771b8b87d7f34270eca4da53132d85efb3bbd0af41ce44e1bf8c3fe26d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
content-length: 16028
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "af09-5d340c16e877d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c1079886c2484-FRA
expires: Wed, 29 Dec 2021 05:23:57 GMT

GET
H2 200 velocity.ui.js Show response
www.newnettechnologies.com/media/com_rstbox/js/vendor/ 13 KB
3 KB 25ms
24ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/vendor/velocity.ui.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc827b0bcda55f06aa076663b3fd1a9d37501493487d98f3eca1a4acd89a613b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
content-length: 3025
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "34f6-5d340c16e877d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c1079886e2484-FRA
expires: Wed, 29 Dec 2021 00:58:38 GMT

GET
H2 200 engagebox.js Show response
www.newnettechnologies.com/media/com_rstbox/js/ 16 KB
5 KB 33ms
31ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/engagebox.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6778c5b0906b79eb301d88f7013ee762c39efb82a543a21830727425dc8f5160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 675
content-length: 5163
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "3fc7-5d340c16e877d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107988712484-FRA
expires: Wed, 29 Dec 2021 05:23:57 GMT

GET
H2 200 gatracker.js Show response
www.newnettechnologies.com/media/com_rstbox/js/ 1 KB
689 B 32ms
31ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/gatracker.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8ac72840309202e9dd7c4f6061d6020f5d95f2976e6523e5c45513678442a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 672
content-length: 576
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "444-5d340c16e877d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107988722484-FRA
expires: Wed, 29 Dec 2021 03:04:23 GMT

GET
H2 200 animations.js Show response
www.newnettechnologies.com/media/com_rstbox/js/ 1 KB
360 B 27ms
26ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/animations.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9967a56cf9e4320cde6e0cda8b50a7c0f742925e6bea67f137ead58bc18c0816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 52249
content-length: 246
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "408-5d340c16e8b65-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c1079987a2484-FRA
expires: Tue, 28 Dec 2021 15:04:23 GMT

GET
H2 200 pageslide_mode.js Show response
www.newnettechnologies.com/media/com_rstbox/js/ 757 B
578 B 39ms
38ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/com_rstbox/js/pageslide_mode.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e2d252ddd5acf877eb962852fd4c5a55cd9e59e739463d610aada9e181db1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 674
content-length: 426
last-modified: Thu, 16 Dec 2021 10:19:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "2f5-5d340c16e8b65-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c1079987b2484-FRA
expires: Wed, 29 Dec 2021 00:58:44 GMT

GET
H2 200 mootools-core.js Show response
www.newnettechnologies.com/media/system/js/ 82 KB
26 KB 25ms
18ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/system/js/mootools-core.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 671
content-length: 26915
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "147b5-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca452484-FRA
expires: Wed, 29 Dec 2021 05:24:02 GMT

GET
H2 200 mootools-more.js Show response
www.newnettechnologies.com/media/system/js/ 231 KB
66 KB 30ms
23ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/media/system/js/mootools-more.js?b2917ecf0309f15626e651458437006c

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 11 Dec 2021 16:06:08 GMT
server: cloudflare
age: 671
etag: "39d19-5d2e10477fc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript
cache-control: max-age=216000
cf-ray: 6c3c107aca482484-FRA
vary: Accept-Encoding
expires: Wed, 29 Dec 2021 05:24:02 GMT

GET
H2 200 rokbox.js Show response
www.newnettechnologies.com/plugins/system/rokbox/assets/js/ 104 KB
22 KB 29ms
23ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/plugins/system/rokbox/assets/js/rokbox.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

528e28a73a593821d0ffdee4be48e4133d0119790c9177cc5999af592e8d1849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67910
content-length: 22332
last-modified: Thu, 22 Apr 2021 08:46:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "19f82-5c08bb68a935c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca4b2484-FRA
expires: Tue, 28 Dec 2021 10:43:23 GMT

GET
H2 200 font-awesome.min.css
www.newnettechnologies.com/templates/nntws6/css/ 26 KB
6 KB 39ms
38ms Stylesheet
text/css 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/css/font-awesome.min.css

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 488105
content-length: 6086
last-modified: Wed, 11 Jan 2017 14:45:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "685b-545d2a8067f00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6c3c107998782484-FRA
expires: Tue, 28 Dec 2021 01:41:21 GMT

GET
H2 200 funcs.js Show response
www.newnettechnologies.com/templates/nntws6/js/ 865 B
532 B 28ms
22ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/js/funcs.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3474d186f21685bde10c922a18678e63117c845c09e51a0e7aaa6a613938f028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62544
content-length: 395
last-modified: Mon, 29 Mar 2021 12:08:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "361-5beabbe58b306-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca4d2484-FRA
expires: Mon, 27 Dec 2021 19:59:27 GMT

GET
H2 200 placeholders.min.js Show response
www.newnettechnologies.com/templates/nntws6/js/ 5 KB
2 KB 55ms
49ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/js/placeholders.min.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c141f368da1152af24808794c501b65be66f1550e1b0b2f6c10578fb945eaf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67910
content-length: 2243
last-modified: Wed, 26 Oct 2016 09:48:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "13d7-53fc1864d3c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca4e2484-FRA
expires: Tue, 28 Dec 2021 10:43:23 GMT

GET
H2 200 viewportchecker.js Show response
www.newnettechnologies.com/templates/nntws6/js/ 3 KB
1 KB 37ms
31ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/js/viewportchecker.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd860681031ceb561ca1762ee9be76289cddaf265a640894ca6a1dd029eb6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67910
content-length: 1094
last-modified: Wed, 26 Oct 2016 09:48:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "a11-53fc1864d3c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=216000
accept-ranges: bytes
cf-ray: 6c3c107aca502484-FRA
expires: Tue, 28 Dec 2021 10:43:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
970 B 133ms
46ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Sun, 26 Dec 2021 17:35:12 GMT

GET
H2 200 menu-search-icon-blue.png
www.newnettechnologies.com/images/ 1 KB
1 KB 35ms
29ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/menu-search-icon-blue.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464a4e5c4794d9020741304ff186b106564b9896f5141a6e6ec6723c2d4e3eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339827
content-length: 1177
last-modified: Fri, 08 May 2020 15:13:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "499-5a52470f63420"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca532484-FRA
expires: Sun, 16 Jan 2022 02:01:03 GMT

GET
H2 200 searchButton.gif
www.newnettechnologies.com/templates/nntws6/images/ 118 B
292 B 30ms
24ms Image
image/gif 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/templates/nntws6/images/searchButton.gif

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d35cc7f485b88e01eb320e19e1a65ff743e27e5f77cc937ac3d4440ee84880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339036
content-length: 118
last-modified: Wed, 05 Sep 2018 15:14:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "76-575213c719300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca562484-FRA
expires: Fri, 14 Jan 2022 22:44:41 GMT

GET
H2 200 NNT-STSI.svg
www.newnettechnologies.com/images/ 25 KB
7 KB 2581ms
2575ms Image
image/svg+xml 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/NNT-STSI.svg

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cacaef3d50368b717e9bd63cdc3d3a4d8f0acd1cfabfdd29b58e53c92d0dbd8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 16 Jun 2021 11:54:17 GMT
server: cloudflare
etag: W/"64b2-5c4e0c012214f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=14400
content-security-policy: script-src 'none'
cf-ray: 6c3c107aca592484-FRA
vary: Accept-Encoding
expires: Sun, 26 Dec 2021 17:35:16 GMT

GET
H2 200 blackarrow.png
www.newnettechnologies.com/images/ 217 B
459 B 30ms
25ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/blackarrow.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5caac14d28fb07c9eb867076a593e1ba39ae47f6bed7b062a4b707c39d494b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2454164
content-length: 217
last-modified: Wed, 23 Aug 2017 12:30:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d9-5576ae1808740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca5c2484-FRA
expires: Tue, 28 Dec 2021 07:52:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 225 KB
69 KB 173ms
76ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e19b6543dafa46e93ef5db92de5ab0b21ac040765819372f83db46d2e1288e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69933
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 arrow.png
www.newnettechnologies.com/media/system/images/ 107 B
349 B 36ms
31ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/media/system/images/arrow.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f52c94170d531a2e706e6eba721d81bffc13847e1873592f729ff49acf58d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 294245
content-length: 107
last-modified: Thu, 21 Oct 2021 07:46:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "6b-5ced818ed0e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca5e2484-FRA
expires: Sun, 02 Jan 2022 00:46:34 GMT

GET
H2 200 nnt-logo-change-tracker-2019.png
www.newnettechnologies.com/images/ 20 KB
20 KB 30ms
25ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/nnt-logo-change-tracker-2019.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c11bae857e56d916caee2557840e641cfba752c26acf9feb03855adb402e574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 583214
content-length: 20707
last-modified: Thu, 23 May 2019 11:15:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "50e3-5898c32026dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca612484-FRA
expires: Tue, 18 Jan 2022 02:29:11 GMT

GET
H2 200 cloudsecurity728x90.jpg
www.newnettechnologies.com/images/banners/ 23 KB
23 KB 35ms
30ms Image
image/jpeg 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/banners/cloudsecurity728x90.jpg

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b10bd3692a5376e6a9aa6050ae8b8982f402a255c2e51f23a80a13648046e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339038
cf-bgj: h2pri
content-length: 23215
last-modified: Thu, 10 Dec 2020 16:47:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5aaf-5b61eefdd6cc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca622484-FRA
expires: Sun, 16 Jan 2022 01:51:13 GMT

GET
H2 200 hp-ctgen7.png
www.newnettechnologies.com/images/ 11 KB
11 KB 54ms
48ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/hp-ctgen7.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1625b50b591a7f441df3c6c1843247c4ed055a145e85e6744d51150324cd7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2454164
content-length: 11181
last-modified: Fri, 08 May 2020 10:19:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2bad-5a52055ddc1cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca632484-FRA
expires: Tue, 28 Dec 2021 07:52:29 GMT

GET
H2 200 hp-fast.png
www.newnettechnologies.com/images/ 5 KB
5 KB 50ms
45ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/hp-fast.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce082aa5568d15c7448b3a909fa44cbef28c4b42a7e7a0f5a68bc88f53281bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 287059
content-length: 5187
last-modified: Fri, 08 May 2020 10:19:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1443-5a52055cd181f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca642484-FRA
expires: Sat, 15 Jan 2022 17:51:47 GMT

GET
H2 200 hp-vulntracker.png
www.newnettechnologies.com/images/ 8 KB
8 KB 50ms
45ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/hp-vulntracker.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10a287b0fd4c51976ab2463545de3ecdcbd6f7be6ef2fcd3ad5ef7f94cc1e6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 894385
content-length: 8038
last-modified: Fri, 08 May 2020 10:19:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "1f66-5a52055bded42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca662484-FRA
expires: Sat, 15 Jan 2022 09:08:48 GMT

GET
H2 200 hp-logtracker.png
www.newnettechnologies.com/images/ 7 KB
7 KB 31ms
27ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/hp-logtracker.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df3e683d4500e30056a08d6f15450d383d6ca71800aa52753e9b2581ba08325a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1844978
content-length: 7466
last-modified: Fri, 08 May 2020 10:19:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1d2a-5a52055c6e62a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca6a2484-FRA
expires: Tue, 04 Jan 2022 09:05:35 GMT

GET
H2 200 email-decode.min.js Show response
www.newnettechnologies.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
837 B 10ms
10ms Script
application/javascript 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Dec 2021 18:59:20 GMT
server: cloudflare
etag: W/"61c0d288-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6c3c107a9a0a2484-FRA
vary: Accept-Encoding
expires: Tue, 28 Dec 2021 17:35:13 GMT

GET
H2 200 scmagazine-small.jpg
www.newnettechnologies.com/images/ 3 KB
3 KB 36ms
32ms Image
image/jpeg 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/scmagazine-small.jpg

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdac82db6cffdc6caaa7fabb7fa1a2f6727c1c096db54fc3c24e2ff771a4a7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339038
cf-bgj: h2pri
content-length: 2849
last-modified: Wed, 04 Mar 2015 14:04:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b21-51076ef264000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca6b2484-FRA
expires: Fri, 21 Jan 2022 19:24:35 GMT

GET
H2 200 foot-cs500.png
www.newnettechnologies.com/images/ 11 KB
11 KB 31ms
26ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/foot-cs500.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624a410072660f5bb55d77831e2df6a68794818d0273828224ba37b9af4bd777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471732
content-length: 11306
last-modified: Wed, 20 Sep 2017 14:06:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "2c2a-5599f7cfa3dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca6d2484-FRA
expires: Mon, 27 Dec 2021 02:02:06 GMT

GET
H2 200 CSGEA-award.jpg
www.newnettechnologies.com/images/ 3 KB
3 KB 30ms
26ms Image
image/jpeg 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/CSGEA-award.jpg

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068428f097b7cc370cad554f062c1f61edb11c78e0f2ef1c087ad25211d8fd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339038
cf-bgj: h2pri
content-length: 3152
last-modified: Mon, 15 Mar 2021 14:48:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "c50-5bd94592371a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca6e2484-FRA
expires: Fri, 21 Jan 2022 19:24:35 GMT

GET
H2 200 foot-cis.png
www.newnettechnologies.com/images/ 3 KB
3 KB 33ms
28ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/foot-cis.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a88e100255bc698001ad9127bbd912f465aa200781bafef1aa9d96b3eadd416e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339037
content-length: 3015
last-modified: Wed, 01 Aug 2018 17:01:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "bc7-57262a4cfda40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca702484-FRA
expires: Fri, 21 Jan 2022 19:24:36 GMT

GET
H2 200 foot-sewp.png
www.newnettechnologies.com/images/ 11 KB
11 KB 49ms
45ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/foot-sewp.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eec5bb0180f43d2e0fd1b4c7b2fc9efb614c517822720dd11a137b4914fcd56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471734
content-length: 11176
last-modified: Wed, 20 Sep 2017 14:06:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "2ba8-5599f7cfa3dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca712484-FRA
expires: Thu, 20 Jan 2022 06:32:59 GMT

GET
H2 200 foot-sans.png
www.newnettechnologies.com/images/ 10 KB
10 KB 36ms
32ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/foot-sans.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf240721d5141eebf5aeb4c8609071c56aedc4839cc2ebee753d925572c6fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339037
content-length: 10553
last-modified: Wed, 20 Sep 2017 14:06:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2939-5599f7d098000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca732484-FRA
expires: Sun, 16 Jan 2022 02:22:37 GMT

GET
H2 200 now-certified.png
www.newnettechnologies.com/images/ 7 KB
7 KB 49ms
46ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/now-certified.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83555df5e4a958c6809a0d8ce2fc94a7604243085c23caf5d0209cdeb0e5d151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339037
content-length: 6945
last-modified: Wed, 25 Apr 2018 10:18:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1b21-56aa9988dcb40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca752484-FRA
expires: Sun, 16 Jan 2022 04:09:20 GMT

GET
H2 200 ibm-security.png
www.newnettechnologies.com/images/ 3 KB
3 KB 33ms
30ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/ibm-security.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b42f9e869ac78b9c818418b39d63b2b82cc590cc9a84e84ba6281a29621602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2454159
content-length: 2656
last-modified: Fri, 27 Sep 2019 08:59:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "a60-59385193e4cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca772484-FRA
expires: Wed, 22 Dec 2021 20:20:53 GMT

GET
H2 200 nwicon.png
www.newnettechnologies.com/images/ 1 KB
1 KB 33ms
29ms Image
image/png 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newnettechnologies.com/images/nwicon.png

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f16c2c80ee2b89839d2d5d6182bb0a0496fd1e12d71535d152db4191af3e0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339040
content-length: 1045
last-modified: Wed, 16 Jun 2021 11:23:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "415-5c4e0525c51e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c3c107aca792484-FRA
expires: Fri, 21 Jan 2022 06:06:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 133ms
45ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/templates/nntws6/css/template.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 16:58:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:35:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
984 B 134ms
46ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,regular,medium,thin,italic,mediumitalic,bold

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/templates/nntws6/css/template.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396e25a016a862b4ac3791ef8293491db212e404e187b7c18661538777226957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 17:35:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:35:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
633 B 133ms
46ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/templates/nntws6/css/template.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 16:41:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 26 Dec 2021 17:35:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 133ms
38ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newnettechnologies.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 16:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 26 Dec 2022 16:29:22 GMT

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 59ms
7ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,regular,medium,thin,italic,mediumitalic,bold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 344334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 17:56:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 136ms
50ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,regular,medium,thin,italic,mediumitalic,bold

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 186925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Dec 2022 13:39:48 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 168ms
82ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 443839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 14:17:54 GMT

GET
H2 200 fontawesome-webfont.woff2
www.newnettechnologies.com/templates/nntws6/fonts/ 63 KB
63 KB 204ms
204ms Font
font/woff2 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/templates/nntws6/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/templates/nntws6/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.newnettechnologies.com/templates/nntws6/css/font-awesome.min.css
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Dec 2016 12:18:49 GMT
server: cloudflare
etag: "fbd0-5439d56d0bc40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6c3c107aca7b2484-FRA
vary: Accept-Encoding
content-length: 64464
expires: Sun, 26 Dec 2021 17:35:14 GMT

POST
H2 200 index.php Show response
www.newnettechnologies.com/ 64 B
263 B 490ms
487ms XHR
application/json 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/index.php?option=com_joomlatools&controller=scheduler

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbb05a2e05a86d75ee37367404b732611d8f43aa6ed72b13e6b8411d25762711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json;charset=utf-8
cache-control: no-store, max-age=1
server-timing: tot;desc="Total";dur=234
cf-ray: 6c3c107b1ad32484-FRA
x-robots-tag: none
expires: Sun, 26 Dec 2021 17:35:14 GMT

POST
H2 200 index.php Show response
www.newnettechnologies.com/ 16 B
253 B 385ms
384ms XHR
text/html 2606:4700:3108::ac42:286a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newnettechnologies.com/index.php?option=com_ajax&plugin=rstbox&format=raw&task=trackevent&box=16&event=open

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/media/com_rstbox/js/engagebox.js?b2917ecf0309f15626e651458437006c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:286a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
X-CSRF-Token: 4432f428049768f329b784b4582621b3
X-Ajax-Engine: EngageBox
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: max-age=600
cf-ray: 6c3c107b5b4a2484-FRA
expires: Sun, 26 Dec 2021 17:45:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/media/com_rstbox/js/gatracker.js?b2917ecf0309f15626e651458437006c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 19
date: Sun, 26 Dec 2021 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 26 Dec 2021 19:34:54 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
704 B 54ms
25ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Dec 2021 17:35:13 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1e6b66db-bc61-4cf8-8873-06e0e0a41655
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newnettechnologies.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
382 B 32ms
7ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a7643b8ef6465f93798b12d0c8b558552ac3fcbf32d0cb7dc2f6e199ad23c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:13 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.newnettechnologies.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 201ms
177ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A13%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:13 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9KTSLNHLGH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

876c4ca5bbb4e14fe0af2d06f89cd1a4cb4bab2925d0be979917c6ed36169a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61867
x-xss-protection: 0
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 149ms
57ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 45 KB
15 KB 70ms
10ms Script
text/javascript 2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3f2ab52b3d6c9aa91f70abee6b043536572dbd61df0a4692fae2ea3fa370ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: MWqkRO6_H6LFWMG7znvACDwpQU7EEcnz
Content-Encoding: gzip
Etag: W/"c74adc5a38d928e9ea66fc212e89e1a7"
Age: 2761
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Dec 2021 16:55:15 GMT
Server: AmazonS3
Date: Sun, 26 Dec 2021 16:49:12 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: N4w6BgLUPNN4b3jTPnOwvkR3eDFMfrllbTKthFZdDL5IvIrvVyMJSQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 53ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F79BF92CC4C41839049D93FA3104D48 Ref B: FRAEDGE1517 Ref C: 2021-12-26T17:35:13Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
1 KB 83ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Dec 2021 18:15:31 GMT

GET
H2 200 3981695.js Show response
js.hs-scripts.com/ 3 KB
1 KB 152ms
130ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3981695.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5110901726c3b633387b483f08ff6896a4afd6c867ac8da57388988c80a2383c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: cd10c63d-62fb-4417-a2ac-f46a055e0994
last-modified: Sun, 26 Dec 2021 14:38:03 GMT
server: cloudflare
x-trace: 2B687403D5C63748AE20DF6FB1B7F64BF998B29442000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 6c3c107caf09073e-FRA
expires: Sun, 26 Dec 2021 17:36:13 GMT

GET
H2 200 t.js Show response
184731.tctm.co/ 54 KB
19 KB 115ms
27ms Script
application/x-javascript 2600:9000:2156:d000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://184731.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: dc9c70be8f146daf8adc84c311d411946462fcc6721839b28fae4155679d3a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
last-modified: Sun, 26 Dec 2021 17:35:13 GMT
server: ctm
x-amz-cf-pop: FRA50-C1
etag: W/61c8a7d10002d19b19ae258a-184731
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: 9FRyrwyUa0Qsw5gdzOc4yknhFHUI2me7hL8HNCQrG1mksGi_m1kAKA==

GET
H2 200 cdYLhp3iKICQBCyx79r6 Show response
ws.zoominfo.com/pixel/ 0
477 B 247ms
219ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/cdYLhp3iKICQBCyx79r6

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6c3c107cbbcb4ea9-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=1831205439&gjid=871955018&_gid=124545949.1640540113&_u=KGBAgEADSAAAAE~&z=1014637253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:35:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 94 KB
37 KB 65ms
64ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-T2R475R&t=gtm4&cid=611037357.1640540113

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b52203cba9f12c8a32c22d5c877d6f3a5528962217f58c84b32fdf394ced154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37435
x-xss-protection: 0
expires: Sun, 26 Dec 2021 17:35:13 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2079211185&t=event&_s=1&dl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&ul=en-us&de=UTF-8&dt=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=EngageBox&ea=open&el=Box%20%2316%20-%20Netwrix&_u=KGBAgEADS~&jid=1831205439&gjid=871955018&cid=611037357.1640540113&tid=UA-8732654-1&_gid=124545949.1640540113&z=1917323474

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 02:13:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4003107.js Show response
bat.bing.com/p/action/ 684 B
756 B 200ms
200ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4003107.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 03dc3f98b942da136aad98f26e24f42583da1139ef28589cca558ac2e4ddd2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:12 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF35AD936A7345EC890011D2BFE50718 Ref B: FRAEDGE1517 Ref C: 2021-12-26T17:35:13Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H2 204 0
bat.bing.com/action/ 0
151 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4003107&tm=gtm002&Ver=2&mid=877e7e62-f3ad-4c38-9f6d-934f5091bbe4&sid=2e82c3b0667211ecaf888f1fa3cefe14&vid=2e82b810667211ecbfcf319dc40239b2&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&p=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&r=&lt=874&evt=pageLoad&msclkid=N&sv=1&rn=314731
Requested by: Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25BBD83F5EAC44FC9CF7B26A54B42DB9 Ref B: FRAEDGE1517 Ref C: 2021-12-26T17:35:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/ND3PZ7ZIHFBTVIAD4NHCK6/index.js
https://s.adroll.com/j/exp/index.js

28 B
762 B

15ms
10ms

Script
application/javascript

2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Protocol: HTTP/1.1
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 91530
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Sun, 26 Dec 2021 09:36:09 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: z2PvnfsT9Q-9wTLZaT9LPeaxjSU7T7XQ8mcCzZpzHoWfyLaj27v4TA==

Redirect headers

Date: Sat, 25 Dec 2021 20:17:46 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Age: 76647
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: j7aZ11jCqRx7-49dRmgbN6A8isY1qVLwpO-hlRsTVv95--zRWg0X2w==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/ND3PZ7ZIHFBTVIAD4NHCK6/FL256QDDV5CGVLZEVJ2HZR/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
734 B

10ms
10ms

Script
application/javascript

2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Protocol: HTTP/1.1
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 170235
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sat, 25 Dec 2021 18:22:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZhU6WisB5EJFXBXAJFpkPrp8iCKF7h8qpS6GBrEhWYFy5ruz801olA==

Redirect headers

Date: Sat, 25 Dec 2021 21:51:13 GMT
Via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
Age: 71039
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: z4NeQg3WtKT_RVLcNtxogPqd0UtEfMX3KVok-XNiAZLCDYh-X_t5Vg==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/ND3PZ7ZIHFBTVIAD4NHCK6/FL256QDDV5CGVLZEVJ2HZR/ 4 KB
3 KB 620ms
604ms Script
text/javascript 2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/ND3PZ7ZIHFBTVIAD4NHCK6/FL256QDDV5CGVLZEVJ2HZR/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: hWl7UZE1hJErurjYam_4p9_5rhp7yLSD
Content-Encoding: gzip
Etag: W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 600
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Sat, 18 Dec 2021 22:17:11 GMT
Server: AmazonS3
Date: Sun, 26 Dec 2021 17:35:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Fb0zbsb8QTIHC4XP3kOsiLbLkK3aeULgCkgsuUFee_xXVR_26M9K9g==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 111ms
61ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=1831205439&_u=KGBAgEADSAAAAE~&z=477950760

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 152ms
63ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=1831205439&_u=KGBAgEADSAAAAE~&z=477950760

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 04:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Dec 2022 04:13:49 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 46ms
46ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9KTSLNHLGH&gtm=2oec10&_p=2079211185&sr=1600x1200&ul=en-us&cid=611037357.1640540113&_s=1&dl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&dt=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&sid=1640540113&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KTSLNHLGH&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2079211185&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&ul=en-us&de=UTF-8&dt=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADSAAAAG~&jid=919984400&gjid=1382215533&cid=611037357.1640540113&tid=UA-8732654-1&_gid=124545949.1640540113&_r=1&gtm=2wgc10MK34R7&z=1816555346

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D

80 B
111 B

96ms
48ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=02039174995&cl=Qj2QCIWynKICEP-H-e0D
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.newnettechnologies.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 82 KB
26 KB 66ms
35ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3

Request headers

Referer: https://www.newnettechnologies.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 040f8a2cdffe1cf7a35d28e06c3ed574.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 16708
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.260/bundles/project.js&cfRay=6c3a78953a6268f2-IAD
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c3c107dad0f4ec7-FRA
last-modified: Tue, 07 Dec 2021 01:47:22 UTC
server: cloudflare
etag: W/"6a87c3fbb201ae0e1e27682863544b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: MgiHycm2IQFcF7nscbJ1l6RorgU5R2aj
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yhZ44t0FAhBztVrlyTjxXBPH8hu4w9h_lbyWkJ7zz1bliASh3q73CQ==
x-hs-target-asset: collected-forms-embed-js/static-1.260/bundles/project.js

GET
H2 200 3981695.js Show response
js.hs-analytics.net/analytics/1640540100000/ 62 KB
20 KB 171ms
142ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1640540100000/3981695.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246bc6f60c112423cc02cf05fe73cce7fd30c49cf3b3fbf1f93173236a0fc8c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 84254YBF4TM01H32
x-amz-server-side-encryption: AES256
cf-ray: 6c3c107dab2f691b-FRA
x-amz-id-2: 5E33R9cEjB06ysQdO1uKB4ZG6Rhd2TZy1p/5gu2ZYQ2C77+V9JrE8MzAu5CpZcVeXEcml5MOZq0=
last-modified: Wed, 10 Nov 2021 14:57:49 GMT
server: cloudflare
etag: W/"0ca93876994b4a8770ee18e34d737187"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Sun, 26 Dec 2021 17:40:13 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 47ms
20ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 525
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.260/bundles/pixels-release.js&cfRay=6c3c03a8f8d87028-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 21 Dec 2021 12:57:36 UTC
server: cloudflare
etag: W/"4810ba79843c6ef24b5495e240dece67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Boqywn5qgiRrIgfbl8XekFtn0W1ZcHLq
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 6c3c107dad485b98-FRA
x-amz-cf-id: 71y1mj2MuB2eUIf5QH-M8gLH0QgMVneAv0fwPJtOBbZCA6MduLNQbQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.260/bundles/pixels-release.js

GET
H2 200 3981695.js Show response
js.hs-banner.com/ 61 KB
16 KB 470ms
443ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3981695.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4476af355507a7903c63b59bf44fe05a3ed23c7114b4dfe9b3ecc02e90948ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: KNY00TH4NTVBKPS3
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 5WhB9DGinK9z0pemzyqIX6IPi0r4x1juSqAzWL18/7My1Vbb5uB1OOV3/WmNKzfPjJGBLKrWDyU=
timing-allow-origin: *
last-modified: Wed, 10 Nov 2021 14:57:46 GMT
server: cloudflare
etag: W/"d25a9a22a4f1a4b76365a20a5159119c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 676_SF8Rf05h1CxqDitzZum3_N8crvys
access-control-allow-origin: https://www.newnettechnologies.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6c3c107daaa1433f-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Sun, 26 Dec 2021 17:40:13 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 75ms
47ms Script
application/javascript 2606:4700::6811:e9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea

Request headers

Referer: https://www.newnettechnologies.com/
Origin: https://www.newnettechnologies.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 16708
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js&cfRay=6c3a789579c542c9-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 6c3c107dbefb5b6e-FRA
last-modified: Fri, 10 Dec 2021 01:08:50 UTC
server: cloudflare
etag: W/"a20da5f3327ff62c3dfbc71571e4fc6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L5EK4Wtvn0GVRD3yODp9CC_dzIEEuKk.
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4EBg8kAIAiWe7ESNZT7y16CIrOAT8sNnCDuxF5Pg474wCQAY8OnKeQ==
x-hs-target-asset: lead-flows-js/static-1.1066/bundle/main/lead-flows-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 80 KB
21 KB 44ms
21ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3981695.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802919f100d6c4d9b60f706598988c11c18a6455327d5c316f3d450fc835f0fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 979084a90b32fe3f5fdc377fb6e67b76.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 359
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9481/bundles/project.js&cfRay=6c3c07b76b974e3d-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 09 Dec 2021 05:55:10 UTC
server: cloudflare
etag: W/"ab6bab38501f59ac0e74d2ab0ce8ec04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Opr6vabKuULKPwzQPVAVy.DEAc.ESqOr
cache-control: max-age=600
x-hs-cache-status: EXPIRED
x-amz-cf-pop: IAD89-P1
cf-ray: 6c3c107dad212c2e-FRA
x-amz-cf-id: 9AGejVZj3l2nzIyyI_Y__pj_MCogcxYplB7UfO2rE2EUv_hqDb9iHg==
x-hs-target-asset: conversations-embed/static-1.9481/bundles/project.js

GET
H2 200 p.js Show response
184731.tctm.co/ 73 B
443 B 20ms
20ms Script
application/x-javascript 2600:9000:2156:d000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://184731.tctm.co/p.js?sid=61c8a7d10002d19b19ae258a&p=868281.1.844.898.8358&
Requested by: Host: 184731.tctm.co
URL: https://184731.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: b672b555102b504efa6cc3193e80d3cc63352db4708bfd490cd5889265584fad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: jO-OTGH4FEVMtZ8CHJhNk2Lxf3havEkfY3YSYSmziRmJ4_jKFT_SOA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035879423/ 2 KB
2 KB 140ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035879423/?random=1640540113541&cv=9&fst=1640540113541&num=1&label=dLGaCJeIxQIQ_4f57QM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa575799cb48eda4bf23113f494abcccbde7a78530b14045e5f9f4dc8b60c2b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1135
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ND3PZ7ZIHFBTVIAD4NHCK6 Show response
d.adroll.com/consent/check/ 386 B
479 B 109ms
28ms Script
application/javascript 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/ND3PZ7ZIHFBTVIAD4NHCK6?arrfrr=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&_s=cd3db092f794c9dc169194a4ed90eeae&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 85f6913cab80b67fad879f8c2a4178eee988eabaef983ed656daf13d82d609bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
server: nginx/1.20.0
content-length: 386
content-type: application/javascript

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=919984400&gjid=1382215533&_gid=124545949.1640540113&_u=aGDAAEADSAAAAG~&z=1375587610

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 26 Dec 2021 17:35:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 345 B
1 KB 180ms
166ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3981695&conversations-embed=static-1.9481&mobile=false&messagesUtk=0360eb328ab24adf9b2f198d18459d9c&traceId=0360eb328ab24adf9b2f198d18459d9c

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c31727d91fbd84476f886208bb97292c87f779369b8be0f3a0ba7ad8709d4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9bc7649f-7e29-4f53-8c34-44723813318e
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 264
server: cloudflare
x-trace: 2B1560C7BAEF1520BDF93C8A155C661733AB1C6F70000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCEBE8JSA%2BXC4%2F3%2FuUckLJqZM2he%2FzNkKIJ19pgUfWzPPHGSHNGfaGj%2FeuJQLjfQg4ZAUJYe6wqeqJjcps4EB4Tn%2Biwgz6roIrJwnMDedjFeyYVS%2FSZLuA3Y7lzeliE4LXxR3V95dJ9eCPQJ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 6c3c107f0e016921-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 159ms
141ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-hubspot-messages-uri
Origin: https://www.newnettechnologies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-type: text/plain; charset=utf-8
content-length: 18
cf-ray: 6c3c107e0d964aa9-FRA
access-control-allow-origin: https://www.newnettechnologies.com
allow: HEAD,GET,OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id: aae996a6-869c-4916-8583-f92c77bca4af
x-trace: 2B1D1F519010356655F681CF4421E1260ED31728C2000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc%2F0g%2FEZL1o8QzpTu2QmO3CgBv0EmHLBjp0iDZLvYxU5BmAG6Lxc9ElGfTFt5hGgS738ojSkxaJGf%2Fa6WPKA5aS2WwMGGnEaQ8WJKrYSsz70x6WegDOqn6LJPZUp7KaGSnqzkEeHu67GFGNS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=919984400&_u=aGDAAEADSAAAAG~&z=1406164384

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 59ms
59ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8732654-1&cid=611037357.1640540113&jid=919984400&_u=aGDAAEADSAAAAG~&z=1406164384

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
674 B 136ms
127ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=3981695&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea7ca09ad21019d7e0da4fc4832578da6cec88195be4e7bd7d19ac3c69f10533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1e33c11e-4882-4476-9b90-721345b52f79
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBIdMHS66e6ZU4UOehDYWUl3huZsgxA70v5tEqzudLZ8svjB%2B2kdzQFuQ4sUkMYodFPk9MId03uDyGq100D1%2BkoHqfiBBiMKZDNI97ZWOgKzJ8Zbfm4x8zTA9HoKI%2F5dGyPXzRaG8s5E9q0x%2BHDk"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newnettechnologies.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 6c3c107e3de24aa9-FRA
access-control-allow-headers: *

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.31/ 52 KB
23 KB 293ms
95ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4003107.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: br
etag: "1d7f3ace6a16300"
last-modified: Sat, 18 Dec 2021 01:16:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&RedC=c.clarity.ms&MXFR=20DA977E707D6D8C127E8667747D638B
https://c.clarity.ms/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&MUID=1DA62D6ADEFC60E41DA73C73DF9761F4

42 B
392 B

25ms
25ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&MUID=1DA62D6ADEFC60E41DA73C73DF9761F4
Requested by: Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65205AE7552A4E449784F3CEC47B0528 Ref B: FRAEDGE1517 Ref C: 2021-12-26T17:35:13Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=1FEB91A4AE6E496AB006D2F630437255&MUID=1DA62D6ADEFC60E41DA73C73DF9761F4
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 391 KB
54 KB 11ms
11ms Script
application/javascript 2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: NUNn6FITSuYhdE6o4FnWYSf0oL.peI4s
Content-Encoding: gzip
Etag: W/"1af244f5a65f1d15e18b6804e4d65960"
Age: 239
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Dec 2021 18:54:25 GMT
Server: AmazonS3
Date: Sun, 26 Dec 2021 17:34:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Enlu5rjmW93O52obgj2LkdU2py3gHOiV8YgQR16QJRzg5yv91M8JSg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/1035879423/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035879423/?random=1640540113541&cv=9&fst=1640538000000&num=1&label=dLGaCJeIxQIQ_4f57QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&async=1&fmt=3&is_vtc=1&random=973945405&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1035879423/ 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1035879423/?random=1640540113541&cv=9&fst=1640538000000&num=1&label=dLGaCJeIxQIQ_4f57QM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&async=1&fmt=3&is_vtc=1&random=973945405&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 9ms
8ms Image
image/png 2600:9000:2156:8000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Age: 35144
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Date: Sun, 26 Dec 2021 14:31:08 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ymBs__o2wWUPRcSWVxwBaVTmPeUyhu-mjIBzHKZaYoOjJaCo5raC4g==

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D

80 B
111 B

47ms
46ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988381&cl=w5u2COfOwKICEP-H-e0D
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.newnettechnologies.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
519 B 170ms
143ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: 4711d6c6-1ded-4cf8-8cf1-eb8c322a0086
x-trace: 2BB169B6D96A18D065ED13BA182F560CB36A7291E7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c3c107f29726949-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

GET
H3

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1035879423/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D

80 B
111 B

47ms
47ms

XHR
application/json

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Sun, 26 Dec 2021 17:35:13 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=8448988358&cl=dwW8CKajwaICEP-H-e0D
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.newnettechnologies.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 collect Show response
e.clarity.ms/ 0
78 B 196ms
196ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.newnettechnologies.com
date: Sun, 26 Dec 2021 17:35:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
177ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A13%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:14 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 201 x.json Show response
184731.tctm.co/ 0
372 B 21ms
21ms XHR
text/plain 2600:9000:2156:d000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://184731.tctm.co/x.json
Requested by: Host: 184731.tctm.co
URL: https://184731.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

date: Sun, 26 Dec 2021 17:35:14 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
access-control-max-age: 2592000
access-control-allow-methods: POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type
x-amz-cf-id: vI1czRhre1jzJIBkBNxXeg6CSbsVveNH9ft0R70dTiXDQD7mupPIPg==

OPTIONS
H2 201 x.json
184731.tctm.co/ Frame 0
0 47ms
23ms Preflight
text/plain 2600:9000:2156:d000:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://184731.tctm.co/x.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newnettechnologies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain
date: Sun, 26 Dec 2021 17:35:14 GMT
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 2592000
server: ctm
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: j1rZxv2KSovaTtr9HMh_jioCjRBLsdzmwIGAGb20zl38-Kqc9IYvrw==

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 179ms
179ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Requested by

Host: www.newnettechnologies.com
URL: https://www.newnettechnologies.com/researchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:15 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1001 B 146ms
129ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1433769858&v=1.1&a=3981695&rcu=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pu=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&t=Researchers+Discover+a+Dozen+US+Web+Servers+Hosting+10+Malware+Families&cts=1640540115669&vi=b9981f1d6daefc883ccaa02a4972cf1b&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:15 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2065479a-e3ff-4d18-ac45-0c0b5e4268b3
cf-ray: 6c3c108b0d0d05fd-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf1qGHTfl46kRrIqNS28GXW4%2FX2%2BVhjPKqJXBvq58oUVEfN0P%2FCALKUe3ePSoTRyuuRa%2FWBa9aH3sDJQDfcuvRQ1gSoEzcANeekh93L8kHWKbBaZe7SXf9L27qXwDUxCfAIPFmhIkWn55u1fC6sL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 204 B
993 B 431ms
412ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=3981695

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44265a3a970c7bebbbbe4789653ceb06feb91578beea5e0f420764c0bd153148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 85b46674-5b4d-4fb5-bb26-e56b5f085e81
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2BBD80A102108D5FC39E45076E764855D6F42C8764000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6ZGVOnXF34fi2J2NoIwBZCcHjUP5JNUwlsdjvYPt3%2BX23A04cwuAm3Wyll18GBdWQ6O68hhZjE0cJBfpcUTwtYBQe3GpajrEu7n4pslkGEmJSDiNOkpEfAHnaXaNaa6IAi45A%2Blt%2BYt1lDM"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newnettechnologies.com
access-control-allow-credentials: false
cf-ray: 6c3c108b1d544ea9-FRA
access-control-allow-headers: *

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2079211185&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&ul=en-us&de=UTF-8&dt=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&_u=aGDAAEADSAAAAG~&jid=&gjid=&cid=611037357.1640540113&tid=UA-8732654-1&_gid=124545949.1640540113&gtm=2wgc10MK34R7&z=1342077555

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 10:12:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 151ms
151ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3981695&utk=b9981f1d6daefc883ccaa02a4972cf1b&__hstc=108489117.b9981f1d6daefc883ccaa02a4972cf1b.1640540115666.1640540115666.1640540115666.1&__hssc=108489117.1.1640540115666&currentUrl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af274653fb6a2f3835ec5e93c731daf37cc37f1f5a1dfd2057a9bf8a1325b1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3f061cda-8813-4bb9-9ecf-494be550d9f1
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMthwocRK46%2BUXissi9vOvXy3Fpnlwj7%2BRChNdaiRi5qyj6hbk8PPyLQW7jTzvRqoP3TEjJS0vxKtBNIsdIwWF%2FUG7kaQzkoGQynl37kibGTM2vG%2FdZn%2BhoVI8pouWpjUTs6a65Alq9thk%2B66UjG"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.newnettechnologies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 6c3c108b68666921-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1035879423

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d25ee305f0a25fe776dc812f628578c6a1720b3a370c15c0495351dc6b905b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39593
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:35:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1035879423&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK34R7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c41c0bd6ce0f4c195ad2fb25029e2bfc2f1db1dd420c031dca16869beb646967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39599
x-xss-protection: 0
last-modified: Sun, 26 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Dec 2021 17:35:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: /7XK/pYkRG7BnXnYXV722xscDfpSsKf9/0XvEDECbHgwAukJOsJ4iHV+MyHeA0M+edUrozMCWm4KKRxKJzUubw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 26 Dec 2021 17:35:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 36ms
9ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=29962
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: IItpvMs0tmFaQ6sVPBL9z9gvWdEplv4HtWZdSHmS/NxGvwu97CXRI1kLGGkaZ5ovRbL7zoPk9bLs3wz7HIVQ8Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Dec 2021 17:35:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 284461549993007 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 70ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/284461549993007?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c2237533e9cb7a4d4e2b37218b5bdc3143fb5d551edc65be08094386c919a128

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: NXIUoH0wgZIUb4iQ6tjBIPOld5jtM/IoXaJzM6GuiWCM47yZcmGad45hIHrZ1W1j27Ao3mE3ItjFrgea641jOA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 26 Dec 2021 17:35:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D28054%26time%3D1640540116148%26url%3Dhttps%253A%252F%252Fwww.newnettechnologies.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.ht...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.h...

0
156 B

324ms
130ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&liSync=true&e_ipv6=AQKcIgQp2GAfKAAAAX33z5XyPLzd2L8yKFuYdNQrsvgq0iydQZQdJvmtk8UlGhpnRdxzkIDC
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: LCQ6U4texBbwH9XX6yoAAA==

Redirect headers

date: Sun, 26 Dec 2021 17:35:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AD9EF7D4947942EF8D7BA628076166AE Ref B: FRAEDGE1311 Ref C: 2021-12-26T17:35:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=28054&time=1640540116148&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&liSync=true&e_ipv6=AQKcIgQp2GAfKAAAAX33z5XyPLzd2L8yKFuYdNQrsvgq0iydQZQdJvmtk8UlGhpnRdxzkIDC
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUEALhiccUxe+uNb2ktg==

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 71ms
70ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1035879423&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 26 Dec 2021 17:35:16 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 177ms
177ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A15%20GMT%22%2C%22timeSpent%22%3A%221011%22%2C%22totalTimeSpent%22%3A%223014%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:16 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=284461549993007&ev=PageView&dl=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&rl=&if=false&ts=1640540116244&sw=1600&sh=1200&ud[external_id]=b9981f1d6daefc883ccaa02a4972cf1b&v=2.9.48&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1640540116242.2065180462&it=1640540116143&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 26 Dec 2021 17:35:16 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035879423/ 2 KB
1 KB 271ms
225ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035879423/?random=1640540116295&cv=9&fst=1640540116295&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d572e1dde159a391babafd726d42af886da8534a02c826e2e7c4c0354bad8227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1035879423/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035879423/?random=1640540116295&cv=9&fst=1640538000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&async=1&fmt=3&is_vtc=1&random=1833427063&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1035879423/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1035879423/?random=1640540116295&cv=9&fst=1640538000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&tiba=Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families&async=1&fmt=3&is_vtc=1&random=1833427063&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Dec 2021 17:35:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.newnettechnologies.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.newnettechnologies.com
date: Sun, 26 Dec 2021 17:35:15 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
494 B 154ms
144ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 17:35:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a4a3bde0-789e-4914-ad26-d0682f4da419
x-trace: 2B79500B2F2C2AA202911DD95543092433FEC23D55000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c3c1091ed82c29f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-robots-tag: none

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7004 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.newnettechnologies.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.newnettechnologies.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sun, 26 Dec 2021 17:35:16 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A16%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224015%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:17 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
177ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=d333e3a24263728792aefde7a6e3e309&svisitor=36bb1002020f0000d1a7c8618400000040f41000&session=7cd55fee-3575-46d2-844a-a7e80a9039e7&event=active_time_track&q=%7B%22currentTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Sun%2C%2026%20Dec%202021%2017%3A35%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225016%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20researchers%20at%20Bormium%20recently%20discovered%20over%20a%20dozen%20US-based%20servers%20being%20used%20to%20host%20and%20distribute%2010%20different%20strains%20on%20malware%20through%20large%20scale%20phishing%20campaigns.%20The%20servers%20under%20scrutiny%20are%20owned%20and%20operated%20by%20FranTech%20...%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Researchers%20Discover%20a%20Dozen%20US%20Web%20Servers%20Hosting%2010%20Malware%20Families%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.newnettechnologies.com%2Fresearchers-discover-a-dozen-us-web-servers-hosting-10-malware-families.html&pageViewId=ad80d50e-c102-4155-8f0a-0016f1d0a071&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newnettechnologies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 26 Dec 2021 17:35:18 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.newnettechnologies.com/	1969-12-31 23:59:59	Name: 9e2daf936d3f85eceab99a09f92b2482 Value: c4d89e2d89d893f0b8b057dab2cc80d0
.6sc.co/	1970-01-20 17:13:32	Name: 6suuid Value: 36bb1002020f0000d1a7c8618400000040f41000
www.newnettechnologies.com/	1970-01-20 17:13:32	Name: _gd_svisitor Value: 36bb1002020f0000d1a7c8618400000040f41000
www.newnettechnologies.com/	1970-01-19 23:52:24	Name: _an_uid Value: 0
www.newnettechnologies.com/	1970-01-20 17:13:32	Name: _gd_visitor Value: dd92ec7a-b398-4c95-8c54-fa4761698b3b
www.newnettechnologies.com/	1970-01-19 23:42:34	Name: _gd_session Value: 7cd55fee-3575-46d2-844a-a7e80a9039e7
.newnettechnologies.com/	1970-01-20 01:51:56	Name: _gcl_au Value: 1.1.858347330.1640540113
.newnettechnologies.com/	1970-01-19 23:43:46	Name: _gid Value: GA1.2.124545949.1640540113
.newnettechnologies.com/	1970-01-19 23:42:20	Name: _gat Value: 1
.bing.com/	1970-01-20 09:03:56	Name: MUID Value: 1DA62D6ADEFC60E41DA73C73DF9761F4
.newnettechnologies.com/	1970-01-19 23:43:46	Name: _uetsid Value: 2e82c3b0667211ecaf888f1fa3cefe14
.newnettechnologies.com/	1970-01-20 09:03:56	Name: _uetvid Value: 2e82b810667211ecbfcf319dc40239b2
.newnettechnologies.com/	1970-01-20 17:13:32	Name: _ga_9KTSLNHLGH Value: GS1.1.1640540113.1.0.1640540113.0
184731.tctm.co/	1969-12-31 23:59:59	Name: ct184731 Value: 61c8a7d10002d19b19ae258a
.newnettechnologies.com/	1970-01-20 17:13:32	Name: _ga Value: GA1.2.611037357.1640540113
.newnettechnologies.com/	1970-01-19 23:42:20	Name: _gat_UA-8732654-1 Value: 1
.newnettechnologies.com/	1970-01-20 00:25:32	Name: __ctmid Value: 61c8a7d10002d19b19ae258a
www.newnettechnologies.com/	1970-01-20 00:25:32	Name: __ctmid Value: 61c8a7d10002d19b19ae258a
www.newnettechnologies.com/	1970-01-21 00:42:20	Name: nrid Value: fb00007d1867d6c5
.ws.zoominfo.com/	1970-01-20 08:27:56	Name: visitorId Value: 06880279c00c7e921fcfa4796bfa4396f44641d2ceb1ad481c92a7b6346e200f
.c.bing.com/	1970-01-20 09:03:56	Name: SRM_B Value: 1DA62D6ADEFC60E41DA73C73DF9761F4
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:03:56	Name: MUID Value: 1DA62D6ADEFC60E41DA73C73DF9761F4
.c.clarity.ms/	1970-01-19 23:42:20	Name: ANONCHK Value: 0
.newnettechnologies.com/	1970-01-20 08:27:56	Name: _clck Value: dlbnp8\|1\|exl\|0
.newnettechnologies.com/	1970-01-19 23:43:46	Name: _clsk Value: 1f9o83r\|1640540114329\|1\|1\|e.clarity.ms/collect
.newnettechnologies.com/	1970-01-20 09:03:56	Name: __hstc Value: 108489117.b9981f1d6daefc883ccaa02a4972cf1b.1640540115666.1640540115666.1640540115666.1
.newnettechnologies.com/	1970-01-20 09:03:56	Name: hubspotutk Value: b9981f1d6daefc883ccaa02a4972cf1b
.newnettechnologies.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.newnettechnologies.com/	1970-01-19 23:42:21	Name: __hssc Value: 108489117.1.1640540115666
.hubspot.com/	1970-01-19 23:42:21	Name: __cf_bm Value: x6.0702r4sdOAWdQC2EsFNbcQ0yKHmK4qljxKcCOEZ0-1640540115-0-AeeGOjR8qTkLq8r3JTlxyCgQqLtt7zvpOCJMxQsrrMGRrEISaKAT7MhNEHXREuuSqYznfkb5cv8p4WgZDFxkJi8=
.newnettechnologies.com/	1970-01-20 01:51:56	Name: _fbp Value: fb.1.1640540116242.2065180462
.linkedin.com/	1970-01-20 00:25:32	Name: UserMatchHistory Value: AQKPmWPqVUq2bwAAAX33z5UQ72lvrV3CGUjNytajf9bmWgDBLTnopVCKRWbT1rb0jWvul4pyMSHoJw
.linkedin.com/	1970-01-20 00:25:32	Name: AnalyticsSyncHistory Value: AQLbbLhvdX2wQwAAAX33z5UQMN9DtlPMn16BDgVYGeNAlECoFW0Xnyxe1QhA-fNv7Nw4pNMz9o1BlpZ20qfEoQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:14:13	Name: bcookie Value: "v=2&49f87059-c563-4010-8d37-f479c14097d2"
.linkedin.com/	1970-01-19 23:43:46	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2243:u=1:x=1:i=1640540116:t=1640626516:v=2:sig=AQEcTIJEz2aO84MMigJhMS6AslWUAJTL"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:14:13	Name: bscookie Value: "v=1&2021122617351673f584b5-536b-4447-8ab0-8813ff6c311aAQFTkWVokMBOY5sd_VYq8bP7tEy46L2h"
.linkedin.com/	1970-01-20 17:01:18	Name: li_gc Value: MTswOzE2NDA1NDAxMTY7MjswMjEKGps7DRIGDxAhy/Lu0tRHfQLFA/zKlYKajB/tk5dlnQ==
.doubleclick.net/	1970-01-20 09:03:56	Name: IDE Value: AHWqTUlyeAY0Ys13SwR_74SuR6aFOOM7lLLKWTaSkn0-MQklkcLGxL-cUjAYomkV

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

184731.tctm.co
api.hubapi.com
api.hubspot.com
b.6sc.co
bat.bing.com
c.6sc.co
c.bing.com
c.clarity.ms
connect.facebook.net
d.adroll.com
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
track.hubspot.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.newnettechnologies.com
104.111.233.140
108.174.10.14
142.250.186.130
185.33.221.91
20.62.48.180
2600:9000:2156:8000:6:9280:1080:93a1
2600:9000:2156:d000:12:de4a:40:93a1
2606:4700:3108::ac42:286a
2606:4700::6810:5605
2606:4700::6810:650c
2606:4700::6811:43b0
2606:4700::6811:73b0
2606:4700::6811:83ab
2606:4700::6811:c9cc
2606:4700::6811:d4cc
2606:4700::6811:e9cc
2606:4700::6811:eecc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9d
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.253.133.188
52.142.114.2
0186771b8b87d7f34270eca4da53132d85efb3bbd0af41ce44e1bf8c3fe26d35
02ea15154c632ed53555607cf5ab40809233c436c39a6a99597fa0872d7184e1
03dc3f98b942da136aad98f26e24f42583da1139ef28589cca558ac2e4ddd2e9
068428f097b7cc370cad554f062c1f61edb11c78e0f2ef1c087ad25211d8fd25
0a7643b8ef6465f93798b12d0c8b558552ac3fcbf32d0cb7dc2f6e199ad23c96
0c11bae857e56d916caee2557840e641cfba752c26acf9feb03855adb402e574
0dd860681031ceb561ca1762ee9be76289cddaf265a640894ca6a1dd029eb6ba
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10a287b0fd4c51976ab2463545de3ecdcbd6f7be6ef2fcd3ad5ef7f94cc1e6c0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b10bd3692a5376e6a9aa6050ae8b8982f402a255c2e51f23a80a13648046e63
1b52203cba9f12c8a32c22d5c877d6f3a5528962217f58c84b32fdf394ced154
1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5
1cacaef3d50368b717e9bd63cdc3d3a4d8f0acd1cfabfdd29b58e53c92d0dbd8
1f52c94170d531a2e706e6eba721d81bffc13847e1873592f729ff49acf58d4b
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
23d1cb06ace0ff3e399d3c53bb02c3a8c386cd97dc01081b376c34785c92e4f3
246bc6f60c112423cc02cf05fe73cce7fd30c49cf3b3fbf1f93173236a0fc8c1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2eec5bb0180f43d2e0fd1b4c7b2fc9efb614c517822720dd11a137b4914fcd56
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3474d186f21685bde10c922a18678e63117c845c09e51a0e7aaa6a613938f028
36bb5bd502c8e89465eb96f9b21d0275da6471e8d23a5eed4c5b246464efba18
396e25a016a862b4ac3791ef8293491db212e404e187b7c18661538777226957
3bfb3419ba6a816ce8fda9ac306789ffb32cca76a84f713af79a620041a01ff7
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
44265a3a970c7bebbbbe4789653ceb06feb91578beea5e0f420764c0bd153148
45d35cc7f485b88e01eb320e19e1a65ff743e27e5f77cc937ac3d4440ee84880
464a4e5c4794d9020741304ff186b106564b9896f5141a6e6ec6723c2d4e3eba
46d4feae86be7a9a23ab96dfda823a3c639adf258363ec24e2c5970a546282db
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c141f368da1152af24808794c501b65be66f1550e1b0b2f6c10578fb945eaf2
5110901726c3b633387b483f08ff6896a4afd6c867ac8da57388988c80a2383c
528e28a73a593821d0ffdee4be48e4133d0119790c9177cc5999af592e8d1849
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
624a410072660f5bb55d77831e2df6a68794818d0273828224ba37b9af4bd777
6261d267224f8c78155639c4d7b45194839e19d6533a3d5348146c4793f82ab0
6778c5b0906b79eb301d88f7013ee762c39efb82a543a21830727425dc8f5160
6898b8832e80f974a2e05c02d20ee37bfe0f6d5789af07188f5610021d639512
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
7e2d252ddd5acf877eb962852fd4c5a55cd9e59e739463d610aada9e181db1cd
802919f100d6c4d9b60f706598988c11c18a6455327d5c316f3d450fc835f0fc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83555df5e4a958c6809a0d8ce2fc94a7604243085c23caf5d0209cdeb0e5d151
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f6913cab80b67fad879f8c2a4178eee988eabaef983ed656daf13d82d609bf
876c4ca5bbb4e14fe0af2d06f89cd1a4cb4bab2925d0be979917c6ed36169a56
8c31727d91fbd84476f886208bb97292c87f779369b8be0f3a0ba7ad8709d4cc
98333312a99b4c67911a1c1d4bddda30653715ffa23ea460fe385fa1987b39ba
9967a56cf9e4320cde6e0cda8b50a7c0f742925e6bea67f137ead58bc18c0816
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf240721d5141eebf5aeb4c8609071c56aedc4839cc2ebee753d925572c6fa5
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda
9f16c2c80ee2b89839d2d5d6182bb0a0496fd1e12d71535d152db4191af3e0ab
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a88e100255bc698001ad9127bbd912f465aa200781bafef1aa9d96b3eadd416e
aa575799cb48eda4bf23113f494abcccbde7a78530b14045e5f9f4dc8b60c2b8
af274653fb6a2f3835ec5e93c731daf37cc37f1f5a1dfd2057a9bf8a1325b1f0
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b4476af355507a7903c63b59bf44fe05a3ed23c7114b4dfe9b3ecc02e90948ae
b672b555102b504efa6cc3193e80d3cc63352db4708bfd490cd5889265584fad
bb54934c45f4c74ce2c3d2cc7b8b08b49b5c75d1dc0a64dd5071bf2b452c69ea
bc827b0bcda55f06aa076663b3fd1a9d37501493487d98f3eca1a4acd89a613b
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c2237533e9cb7a4d4e2b37218b5bdc3143fb5d551edc65be08094386c919a128
c3f2ab52b3d6c9aa91f70abee6b043536572dbd61df0a4692fae2ea3fa370ae6
c41c0bd6ce0f4c195ad2fb25029e2bfc2f1db1dd420c031dca16869beb646967
c5caac14d28fb07c9eb867076a593e1ba39ae47f6bed7b062a4b707c39d494b4
c6b42f9e869ac78b9c818418b39d63b2b82cc590cc9a84e84ba6281a29621602
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce082aa5568d15c7448b3a909fa44cbef28c4b42a7e7a0f5a68bc88f53281bda
d1462ee824fc3172a7c7fb70f6f2276fa6be8bcffaa9eea71ef529c94eb56124
d1625b50b591a7f441df3c6c1843247c4ed055a145e85e6744d51150324cd7fe
d25ee305f0a25fe776dc812f628578c6a1720b3a370c15c0495351dc6b905b78
d572e1dde159a391babafd726d42af886da8534a02c826e2e7c4c0354bad8227
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc9c70be8f146daf8adc84c311d411946462fcc6721839b28fae4155679d3a72
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e683d4500e30056a08d6f15450d383d6ca71800aa52753e9b2581ba08325a
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e19b6543dafa46e93ef5db92de5ab0b21ac040765819372f83db46d2e1288e0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7ca09ad21019d7e0da4fc4832578da6cec88195be4e7bd7d19ac3c69f10533
ea8ac72840309202e9dd7c4f6061d6020f5d95f2976e6523e5c45513678442a9
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fbb05a2e05a86d75ee37367404b732611d8f43aa6ed72b13e6b8411d25762711
fdac82db6cffdc6caaa7fabb7fa1a2f6727c1c096db54fc3c24e2ff771a4a7fd
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

www.newnettechnologies.com Open in urlscan Pro 2606:4700:3108::ac42:286a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

95 %HTTPS

80 %IPv6

30 Domains

41 Subdomains

34 IPs

5 Countries

1410 kBTransfer

4251 kBSize

41 Cookies

12 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newnettechnologies.com Open in urlscan Pro
2606:4700:3108::ac42:286a Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

95 %
HTTPS

80 %
IPv6

30
Domains

41
Subdomains

34
IPs

5
Countries

1410 kB
Transfer

4251 kB
Size

41
Cookies

136 HTTP transactions
0 data transactions