urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Submission: On November 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 91 IPs in 9 countries across 56 domains to perform 480 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.60.209 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
32 104.26.12.6 13335 (CLOUDFLAR...)
2 151.101.14.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.79.175.86 63949 (LINODE-AP...)
8 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 2.21.36.164 20940 (AKAMAI-ASN1)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 151.101.114.217 54113 (FASTLY)
2 2600:9000:21f... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 35.188.71.214 15169 (GOOGLE)
1 13.225.78.44 16509 (AMAZON-02)
1 54.236.131.34 14618 (AMAZON-AES)
1 72.247.226.64 16625 (AKAMAI-AS)
14 172.217.16.162 15169 (GOOGLE)
2 13.224.196.65 16509 (AMAZON-02)
1 2600:9000:204... 16509 (AMAZON-02)
6 13.225.86.250 16509 (AMAZON-02)
2 54.164.73.180 14618 (AMAZON-AES)
1 13.224.196.91 16509 (AMAZON-02)
4 3.211.1.10 14618 (AMAZON-AES)
8 22 34.95.120.147 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.13.140 54113 (FASTLY)
9 34.245.241.249 16509 (AMAZON-02)
1 34.206.108.72 14618 (AMAZON-AES)
9 69.16.175.42 20446 (HIGHWINDS3)
1 13.224.196.112 16509 (AMAZON-02)
9 2a00:1288:f03... 10310 (YAHOO-1)
9 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 35.226.36.58 15169 (GOOGLE)
14 52.214.34.242 16509 (AMAZON-02)
8 69.173.144.140 26667 (RUBICONPR...)
2 18.196.104.43 16509 (AMAZON-02)
8 104.16.190.66 13335 (CLOUDFLAR...)
8 37.252.173.22 29990 (ASN-APPNEXUS)
4 2a02:fa8:8806... 41041 (VCLK-EU-)
8 52.72.165.42 14618 (AMAZON-AES)
26 69 152.199.22.24 15133 (EDGECAST)
4 72.247.225.98 16625 (AKAMAI-AS)
22 3.122.1.70 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 35.156.206.192 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
7 34.252.175.165 16509 (AMAZON-02)
9 18.200.219.23 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.134 15169 (GOOGLE)
3 37.157.6.245 198622 (ADFORM)
1 69.173.144.152 26667 (RUBICONPR...)
2 37.157.2.247 198622 (ADFORM)
1 185.80.38.195 27381 (CASALE-MEDIA)
3 185.29.133.224 30419 (MEDIAMATH...)
1 4 35.190.94.1 15169 (GOOGLE)
2 23.37.55.184 16625 (AKAMAI-AS)
1 136.243.54.211 24940 (HETZNER-AS)
3 72.247.226.173 16625 (AKAMAI-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 3 138.201.84.253 24940 (HETZNER-AS)
1 146.148.127.183 15169 (GOOGLE)
5 72.247.225.32 16625 (AKAMAI-AS)
1 2.18.233.180 16625 (AKAMAI-AS)
1 2 23.62.137.117 16625 (AKAMAI-AS)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 4 195.216.249.67 47268 (ZANOX)
1 1 85.10.231.199 24940 (HETZNER-AS)
1 185.29.133.33 30419 (MEDIAMATH...)
3 172.217.22.98 15169 (GOOGLE)
1 213.254.244.16 36062 (DOUBLE-VE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 213.254.244.18 36062 (DOUBLE-VE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 37.157.4.23 198622 (ADFORM)
8 72.247.225.17 16625 (AKAMAI-AS)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 13.225.78.84 16509 (AMAZON-02)
1 5 18.194.62.191 16509 (AMAZON-02)
2 104.17.120.107 13335 (CLOUDFLAR...)
4 104.16.68.69 13335 (CLOUDFLAR...)
2 35.156.98.228 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
1 52.48.102.50 16509 (AMAZON-02)
1 1 91.228.74.245 27281 (QUANTCAST)
480 91
1    104.20.60.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepingcomputer.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
32    104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.bleepstatic.com
2    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.connatix.com
cdns.connatix.com
1    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
2    2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.pub.network
1    178.79.175.86 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-178-79-175-86.london.nodebalancer.linode.com
ecdn.analysis.fi
8    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
7    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
adservice.google.com
4    2.21.36.164 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-36-164.deploy.static.akamaitechnologies.com
s9.addthis.com
v1.addthisedge.com
s7.addthis.com
1    2600:9000:2156:4800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
quantcast.mgr.consensu.org
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
8    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
ck.connatix.com
i.connatix.com
2    2600:9000:21f3:800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
static.quantcast.mgr.consensu.org
15    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
googleads.g.doubleclick.net
www.googletagservices.com
3    35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com
d.pub.network
1    13.225.78.44 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-44.fra2.r.cloudfront.net
freestar-io.videoplayerhub.com
1    54.236.131.34 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-236-131-34.compute-1.amazonaws.com
core.connatix.com
1    72.247.226.64 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com
z.moatads.com
14    172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net
securepubads.g.doubleclick.net
2    13.224.196.65 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-65.fra2.r.cloudfront.net
ad-delivery.net
1    2600:9000:2043:d800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
6    13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    54.164.73.180 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-164-73-180.compute-1.amazonaws.com
rtb.connatix.com
1    13.224.196.91 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-91.fra2.r.cloudfront.net
api.quantcast.mgr.consensu.org
4    3.211.1.10 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-211-1-10.compute-1.amazonaws.com
trk.connatix.com
22    34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com
connatix-d.openx.net
freestar-d.openx.net
eu-u.openx.net
2    2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
graph.facebook.com
2    151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
www.reddit.com
9    34.245.241.249 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
vid.springserve.com
1    34.206.108.72 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-108-72.compute-1.amazonaws.com
cluster-na.cdnjquery.com
9    69.16.175.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: hwcdn.net
vpaid.springserve.com
1    13.224.196.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-112.fra2.r.cloudfront.net
audit.quantcast.mgr.consensu.org
9    2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)
cdn-ssl.vidible.tv
9    2a00:1450:4001:80b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ima3vpaid.appspot.com
27    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
imasdk.googleapis.com
11    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s0.2mdn.net
2    35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com
c.pub.network
14    52.214.34.242 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
g2.gumgum.com
8    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
2    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
8    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
8    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)
web.hb.ad.cpe.dotomi.com
8    52.72.165.42 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-165-42.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
69    152.199.22.24 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
adserver-us.adtech.advertising.com
4    72.247.225.98 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
22    3.122.1.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
4    2606:4700:10::6814:9174 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
i.connectad.io
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
4    35.156.206.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
tlx.3lift.com
15    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
7    34.252.175.165 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
bc-rtb-dub.springserve.com
9    18.200.219.23 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
vid-io.springserve.com
11    2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
2    172.217.23.134 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f134.1e100.net
ad.doubleclick.net
3    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu2.rubiconproject.com
2    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    185.80.38.195 (Netherlands)

ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA)
a3226.casalemedia.com
3    185.29.133.224 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
tags.mathtag.com
4    35.190.94.1 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 1.94.190.35.bc.googleusercontent.com
ad4m.at
2    23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    136.243.54.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.211.54.243.136.clients.your-server.de
hal9000.redintelligence.net
3    72.247.226.173 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-226-173.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
cdn3.doubleverify.com
1    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    138.201.84.253 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.253.84.201.138.clients.your-server.de
hal900021.redintelligence.net
1    146.148.127.183 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 183.127.148.146.bc.googleusercontent.com
ad4mat.net
5    72.247.225.32 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-32.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
2    23.62.137.117 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-62-137-117.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700:30::681b:b368 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.vehiculum.de
4    195.216.249.67 (France)

ASN47268 (ZANOX, FR)
ad.zanox.com
1    85.10.231.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de
pb.media01.eu
1    185.29.133.33 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)
mathid.mathtag.com
3    172.217.22.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
1    213.254.244.16 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)
tps.doubleverify.com
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    213.254.244.18 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)
tps20221.doubleverify.com
7    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
8    72.247.225.17 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-17.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    2606:4700:10::6814:9274 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.connectad.io
4    13.225.78.84 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-84.fra2.r.cloudfront.net
ib.3lift.com
5    18.194.62.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-62-191.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
biddr.brealtime.com
4    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.districtm.io
2    35.156.98.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    2a02:fa8:8806:13::1430 (Sweden)

ASN41041 (VCLK-EU-, SE)
aol-match.dotomi.com
1    52.48.102.50 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-102-50.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    91.228.74.245 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
Apex Domain
Subdomains		 Transfer
71 advertising.com
adserver-us.adtech.advertising.com
pixel.advertising.com
24 KB
34 springserve.com
vid.springserve.com
vpaid.springserve.com
bc-rtb-dub.springserve.com
vid-io.springserve.com
863 KB
32 bleepstatic.com
www.bleepstatic.com
224 KB
31 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
964 KB
25 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net Failed
129 KB
22 sharethrough.com
btlr.sharethrough.com
4 KB
22 openx.net
connatix-d.openx.net
us-u.openx.net Failed
freestar-d.openx.net
eu-u.openx.net Failed
4 KB
22 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
280 KB
17 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
rtb.connatix.com
i.connatix.com
trk.connatix.com
720 KB
16 adnxs.com
ib.adnxs.com
acdn.adnxs.com
9 KB
15 google.com
www.google.com
cse.google.com
adservice.google.com
4 KB
14 gumgum.com
g2.gumgum.com
8 KB
13 3lift.com
tlx.3lift.com
ib.3lift.com
eb2.3lift.com
4 KB
12 districtm.io
dmx.districtm.io
cdn.districtm.io
719 B
11 ampproject.org
cdn.ampproject.org
240 KB
11 rubiconproject.com
fastlane.rubiconproject.com
beacon-eu2.rubiconproject.com
eus.rubiconproject.com
18 KB
11 2mdn.net
s0.2mdn.net
157 KB
10 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
59 KB
9 appspot.com
ima3vpaid.appspot.com
6 KB
9 vidible.tv
cdn-ssl.vidible.tv
70 KB
8 connectad.io
i.connectad.io
cdn.connectad.io
1 KB
8 mantisadnetwork.com
mantodea.mantisadnetwork.com
1 KB
8 gstatic.com
fonts.gstatic.com
87 KB
7 googletagservices.com
www.googletagservices.com
187 KB
7 pub.network
a.pub.network
d.pub.network
c.pub.network
235 KB
6 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
tps.doubleverify.com
tps20221.doubleverify.com
73 KB
6 adform.net
track.adform.net
s1.adform.net
44 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
30 KB
6 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
vendorlist.consensu.org
api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
136 KB
5 mathtag.com
tags.mathtag.com
pixel.mathtag.com
mathid.mathtag.com
23 KB
5 casalemedia.com
as-sec.casalemedia.com
a3226.casalemedia.com
5 KB
5 dotomi.com
web.hb.ad.cpe.dotomi.com
aol-match.dotomi.com
2 KB
4 zanox.com
ad.zanox.com
2 KB
4 redintelligence.net
hal9000.redintelligence.net
hal900021.redintelligence.net
5 KB
4 ad4m.at
ad4m.at
14 KB
3 addthis.com
s9.addthis.com
s7.addthis.com
189 KB
2 brealtime.com
biddr.brealtime.com
2 awin1.com
www.awin1.com
1 KB
2 emxdgt.com
hb.emxdgt.com
632 B
2 reddit.com
www.reddit.com
957 B
2 facebook.com
graph.facebook.com
1012 B
2 ad-delivery.net
ad-delivery.net
1 KB
2 google-analytics.com
www.google-analytics.com
18 KB
1 quantserve.com
pixel.quantserve.com
685 B
1 adsrvr.org
match.adsrvr.org
264 B
1 media01.eu
pb.media01.eu
1 KB
1 vehiculum.de
www.vehiculum.de
1 ad4mat.net
ad4mat.net
1 cdnjquery.com
cluster-na.cdnjquery.com
357 B
1 addthisedge.com
v1.addthisedge.com
924 B
1 moatads.com
z.moatads.com
1 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com
30 KB
1 google.de
adservice.google.de
171 B
1 analysis.fi
ecdn.analysis.fi
1 KB
1 googletagmanager.com
www.googletagmanager.com
27 KB
1 bleepingcomputer.com
www.bleepingcomputer.com
13 KB
480 56
Domain Requested by
69 adserver-us.adtech.advertising.com 26 redirects a.pub.network
32 www.bleepstatic.com www.bleepingcomputer.com
cdn.connatix.com
www.bleepstatic.com
pagead2.googlesyndication.com
27 imasdk.googleapis.com www.bleepingcomputer.com
imasdk.googleapis.com
22 btlr.sharethrough.com a.pub.network
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bleepingcomputer.com
cdn.ampproject.org
tpc.googlesyndication.com
14 g2.gumgum.com a.pub.network
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.bleepingcomputer.com
13 connatix-d.openx.net 6 redirects www.bleepingcomputer.com
cdns.connatix.com
11 cdn.ampproject.org securepubads.g.doubleclick.net
11 s0.2mdn.net imasdk.googleapis.com
www.bleepingcomputer.com
s0.2mdn.net
10 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
9 vid-io.springserve.com vpaid.springserve.com
9 ima3vpaid.appspot.com vpaid.springserve.com
9 cdn-ssl.vidible.tv vpaid.springserve.com
9 vpaid.springserve.com cdns.connatix.com
9 vid.springserve.com cdns.connatix.com
8 acdn.adnxs.com a.pub.network
8 mantodea.mantisadnetwork.com a.pub.network
8 ib.adnxs.com a.pub.network
8 dmx.districtm.io a.pub.network
8 fastlane.rubiconproject.com a.pub.network
8 fonts.gstatic.com cdn.connatix.com
www.bleepstatic.com
www.bleepingcomputer.com
7 bc-rtb-dub.springserve.com vpaid.springserve.com
7 i.connatix.com www.bleepingcomputer.com
7 www.googletagservices.com a.pub.network
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bleepingcomputer.com
a.pub.network
6 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
6 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
a.pub.network
googleads.g.doubleclick.net
5 eu-u.openx.net a.pub.network
5 eb2.3lift.com 1 redirects a.pub.network
5 ads.pubmatic.com www.bleepingcomputer.com
a.pub.network
4 cdn.districtm.io a.pub.network
4 ib.3lift.com 4 redirects
4 cdn.connectad.io a.pub.network
4 ad.zanox.com 2 redirects hal900021.redintelligence.net
www.bleepingcomputer.com
4 ad4m.at 1 redirects s1.adform.net
ad4m.at
4 track.adform.net www.bleepingcomputer.com
s1.adform.net
4 tlx.3lift.com a.pub.network
4 hbopenbid.pubmatic.com a.pub.network
4 i.connectad.io a.pub.network
4 as-sec.casalemedia.com a.pub.network
4 freestar-d.openx.net a.pub.network
4 web.hb.ad.cpe.dotomi.com a.pub.network
4 trk.connatix.com www.bleepingcomputer.com
4 www.google.com 3 redirects www.bleepingcomputer.com
4 fonts.googleapis.com www.bleepingcomputer.com
securepubads.g.doubleclick.net
3 hal900021.redintelligence.net 1 redirects www.bleepingcomputer.com
hal900021.redintelligence.net
3 tags.mathtag.com a.pub.network
tags.mathtag.com
3 d.pub.network a.pub.network
2 pixel.advertising.com
2 biddr.brealtime.com a.pub.network
2 tps20221.doubleverify.com cdn.doubleverify.com
2 googleads4.g.doubleclick.net www.bleepingcomputer.com
2 www.awin1.com 1 redirects www.bleepingcomputer.com
2 cdn.doubleverify.com tags.mathtag.com
www.bleepingcomputer.com
2 eus.rubiconproject.com www.bleepingcomputer.com
a.pub.network
2 s1.adform.net track.adform.net
s1.adform.net
2 ad.doubleclick.net 1 redirects www.bleepingcomputer.com
2 hb.emxdgt.com a.pub.network
2 c.pub.network a.pub.network
2 www.reddit.com s9.addthis.com
2 graph.facebook.com s9.addthis.com
2 rtb.connatix.com cdns.connatix.com
2 s7.addthis.com s9.addthis.com
2 ad-delivery.net freestar-io.videoplayerhub.com
www.bleepingcomputer.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 www.google-analytics.com www.googletagmanager.com
www.bleepingcomputer.com
2 a.pub.network www.bleepingcomputer.com
a.pub.network
1 ade.googlesyndication.com www.bleepingcomputer.com
1 pixel.quantserve.com 1 redirects
1 match.adsrvr.org
1 aol-match.dotomi.com
1 tps.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 mathid.mathtag.com www.bleepingcomputer.com
1 pb.media01.eu 1 redirects
1 www.vehiculum.de hal900021.redintelligence.net
1 aktrack.pubmatic.com www.bleepingcomputer.com
1 ad4mat.net ad4m.at
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net www.bleepingcomputer.com
1 a3226.casalemedia.com a.pub.network
1 beacon-eu2.rubiconproject.com www.bleepingcomputer.com
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 cluster-na.cdnjquery.com freestar-io.videoplayerhub.com
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 v1.addthisedge.com s9.addthis.com
1 z.moatads.com s9.addthis.com
1 core.connatix.com cdns.connatix.com
1 freestar-io.videoplayerhub.com a.pub.network
1 adservice.google.de pagead2.googlesyndication.com
1 ck.connatix.com cdns.connatix.com
1 quantcast.mgr.consensu.org www.bleepstatic.com
1 s9.addthis.com www.bleepingcomputer.com
1 cdns.connatix.com cdn.connatix.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cse.google.com www.bleepingcomputer.com
1 www.googletagmanager.com www.bleepingcomputer.com
1 cdn.connatix.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 cm.g.doubleclick.net Failed
0 us-u.openx.net Failed www.bleepingcomputer.com
480 103

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
connatix.com
Subject Issuer Validity Valid
bleepingcomputer.com
COMODO RSA Domain Validation Secure Server CA		 2018-05-12 -
2020-05-17		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-11 -
2020-10-09		 a year crt.sh
j3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-15 -
2020-09-16		 10 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.analysis.fi
Sectigo RSA Domain Validation Secure Server CA		 2019-06-13 -
2020-06-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2020-09-04		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2019-02-09 -
2020-05-16		 a year crt.sh
*.videoplayerhub.com
Amazon		 2019-07-18 -
2020-08-18		 a year crt.sh
*.connatix.com
Amazon		 2019-10-19 -
2020-11-19		 a year crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-11-10 -
2020-02-09		 a year crt.sh
ad-delivery.net
Amazon		 2019-03-07 -
2020-04-07		 a year crt.sh
vendorlist.consensu.org
Amazon		 2019-03-06 -
2020-04-06		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.reddit.com
DigiCert SHA2 Secure Server CA		 2018-08-17 -
2020-09-02		 2 years crt.sh
*.springserve.net
Amazon		 2019-03-28 -
2020-04-28		 a year crt.sh
*.assetbucket.net
Amazon		 2019-09-11 -
2020-10-11		 a year crt.sh
*.springserve.com
COMODO RSA Domain Validation Secure Server CA		 2017-07-27 -
2020-07-26		 3 years crt.sh
cdn-ycs.vidible.tv
DigiCert SHA2 High Assurance Server CA		 2019-09-02 -
2020-02-29		 6 months crt.sh
*.appspot.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
*.gumgum.com
Amazon		 2019-07-31 -
2020-08-31		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2019-07-17 -
2020-07-17		 a year crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
ad.cpe.dotomi.com
GlobalSign Organization Validation CA - SHA256 - G2		 2018-05-25 -
2020-05-25		 2 years crt.sh
*.mantisadnetwork.com
Amazon		 2019-04-21 -
2020-05-21		 a year crt.sh
*.adtech.advertising.com
DigiCert SHA2 High Assurance Server CA		 2018-05-22 -
2020-05-26		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.sharethrough.com
Amazon		 2019-10-07 -
2020-11-07		 a year crt.sh
connectad.io
CloudFlare Inc ECC CA-2		 2019-07-18 -
2020-07-17		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2018-10-12 -
2020-12-13		 2 years crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2018-01-26 -
2020-04-16		 2 years crt.sh
*.ad4m.at
AlphaSSL CA - SHA256 - G2		 2017-09-13 -
2020-09-13		 3 years crt.sh
*.redintelligence.net
Go Daddy Secure Certificate Authority - G2		 2019-03-22 -
2020-03-22		 a year crt.sh
*.doubleverify.com
DigiCert ECC Secure Server CA		 2019-01-22 -
2020-01-22		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-04-25		 a year crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
sni240393.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-21 -
2020-03-29		 6 months crt.sh
ad.zanox.com
Thawte RSA CA 2018		 2019-06-17 -
2021-07-16		 2 years crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2019-03-22 -
2020-06-20		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-02-19		 10 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2017-03-22 -
2020-03-22		 3 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2017-06-14 -
2020-06-18		 3 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 89 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Frame ID: E734410376E5AD5BD710505B8E179B33
Requests: 240 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Frame ID: C779C813425CAF5EF11DF4026DD6AF20
Requests: 26 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v27/cmp-3pc-check.html
Frame ID: 21CCF0406BDDAB714F6C4CE13880EB3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Frame ID: E2A36C2CD79E477EB8FBEBF6DAF374B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1574616885&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1574781590647&bpp=36&bdt=382&fdt=423&idt=424&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=4892836072971&frm=20&pv=2&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=10995118907392&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4340&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RWWBNd8GHc&p=https%3A//www.bleepingcomputer.com&dtd=468
Frame ID: 607CFBDEDE8434FCA7F05A30919C27C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1574616885&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574781590941&bpp=10&bdt=676&fdt=302&idt=302&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4892836072971&frm=20&pv=1&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=43980476129280&dssz=48&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=316
Frame ID: 43E98ED51D57C060CDF73A5F906AF899
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 0BA30EF23D14DB22794212F046A6B9B8
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781592334%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781592334&type=js
Frame ID: 3B967F4874F32FA07E8EEC0AC2D00569
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: F9D5AB2E79F5C7088A59EEC8D2019D53
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 35609CA7AE7A42C97E290F105B8939BF
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: DE52B79CADC7BEA9EEFF901F645A195B
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR7r33mMVi62EjbzQkHeC8SCjUuVa2NkK8vN3PV2ZP_mWwKw92rJVRKvLlUuazCWBR18N-xcRP-knj1hbVi4itrI5CCh_Q-B3ARjm4WKmdxTNb7cOgkTG4isiES35jbWN8hz2uQn0yhMjy7pkQohMu-f-brscBeHdG6cilQSk_9DArbmyHJ1QPXsb3HKZNketkQXQQ7oEzMbOXk-9Lc6pt7LPyN62hOBwWKSzH9IJ_tzhdZf-wYVIVhdF-Fkf_Khbl2xMI-BvsWIQ9w04mXc8tQKgRg4eW0zwj&sig=Cg0ArKJSzMGA63Aqt2AgEAE&urlfix=1&adurl=
Frame ID: F613FE462B988F2AF12EF4E1B9CE6C03
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 87B235E812FE71469CD237E91F1EEB7B
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781593560%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781593560&type=js
Frame ID: 50ADA6E9B3AECA7913016EE7A062A048
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGng0NEP65r2hmNXWpomwidk3Dztjh3jfW0OZJFqzbmjFD2uEGIBDtdPUwxQuyErXyjl_uEm_tDahtL6-lxPXOMgcQl0BJ53xZHPt6RLemuBNSyA6k_9qKLCqkufAVdJBdK7gkJ0J7FRKKzESEm7BLFBaV8Ge3tJjyba_0MKsEgHmcJJjBZcidZnKu1U-CHYG5hK4gdXCpxGThQBvg3kB_kqKTHKcBKeKhL6oM7TgQr3xveYBW7sbAdZ_PfkPH_ZjFLLhNm1xh7K4fw2SZzc11K2HWsgLDJdspY_3jV2ebYADe7DpZTF232MK3bC3A&sai=AMfl-YTe4HrR8ywsFtIXeIftRW40YUocfqCDY5sIF1f_ke5irOtJ8cp2uPr7InuEfqBbtW7t0MJebZTQ554rmFqCLkaoZRX7Js-briIHhmcYig&sig=Cg0ArKJSzOojqmB0zOdhEAE&urlfix=1&adurl=
Frame ID: EAF6C316D0392FC49AC4C59477DB2DE5
Requests: 11 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 115A02C4F96B1787E27832345BEE6552
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIyOeoJllLKynciBQFBsySXFn0UgXdCO7lVpjvL984CqJwZBn8D6705LJR8MVCcvUBb9rq3sEAsA5FQvZIHpqbSB0ov_WCMQq9nOU2ntEQW4fNl8LJE4o5faIfdFODuV4be35aAkf3D23qIV-ShaFMHYZ5iI_SlSGmiWOVZtZLadkGdYly97LhkeyxOmQoBu2hcoRKMhpI3EmrzcbHhAY1pVElMt68OPCFWVljT09G-Jr-_2vkKf16I8FkJOpbwaFU1Ym0o5PoEylpwfmq3Q5QUqPNyqWbN04Fwar0mK9D4LacjCHIWxlNOGZVwz8FbHQaczkxAw&sai=AMfl-YQ3hMxA3mJj9aFGC-d24W2SKyeQZSbchTHhHeExnia7SuXYjCxlDEyYTTIJePI_8iWOwWOYjRc5srzM_CooLJWKCU48j2t55kBnFp30&sig=Cg0ArKJSzP0T8lsKtuczEAE&urlfix=1&adurl=
Frame ID: 9F21FA3D60F84CAF5EE23D80D675E51E
Requests: 13 HTTP requests in this frame

Frame: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1323445&r=DE09D07F&t=5DDD4299&u=WGQxQ21ibFFKc01BQUctTElka0FBQUVX&m=fccb7995cb8e608ee4db3df4c7563ba4&wp=11&aid=85E9D6464D6F786F&tid=15063&s=6015A&cp=0.17&n=www.bleepingcomputer.com&pr=xx&epr=190bd774ae338ab6
Frame ID: 1A04FE8342FD31471580E9D42D70FAE5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: DD033A2110B070DB84B7DA650312EC90
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6B4E7949928A984D7F1C6DF053E38F2C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf6vx2b-vRkeB0-csJHamoaq2V0T9d8ic1JZye_pCo9bRWmW5_RcQewlcuqbcM2oUP9_Fs0_br1KCtqxTvyBRyvVyEAM3FOjnZ_pcDzupORs6q1G5KC73WMBqL7fo9QZhKnWqW_IjRxRene7pmG8S7LjoHBLAf6CUoudfaG8_fMETD4WJpzbjUYOXKZhV2J3hyTJu0Xp0MFU2u9GJwcS3sTw-t7xv6JJeHofC96Kk34hEdY3TS6tL8HxVi-Q8tH2du-csB4WMrnUbXRNuCG-BXMJ8W8HUF1C2ddHwW-Kr_xkSjNskx8L--VV1H7Qz3H1UUMA2t&sai=AMfl-YQShr6i23XdbdqL8Ud5D3G3mxHmlEkbSC_EZcirsVM5YlSO2qeE0agzaRe58PxYWZ3GdA-Uwqatd4DpdTlp0Ai70Ufx7ZJ0PoF9y77mTQ&sig=Cg0ArKJSzI3kd_JB0Ra1EAE&urlfix=1&adurl=
Frame ID: F682F8CD90254DCF5A0291DBF6CB0FBA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvoaTYjAB&v=APEucNUpfb2L-Zy30pcLRdDbCIgv2QiDAVNVSomnUcl73SpSzFBEN-kZItF9T7URCmIxji7Pqj6zhSAsPonLr50fwmi9gtjbng
Frame ID: 7BA978E51C3FA6C4FD84D0EE2FA55D80
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: C91947C41C2D7DBC5955546409AE3B90
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B6C7E1AEA9178316BBD4490CD7846826
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.025365&kaxefact=0.025365&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1574781593&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.026522&dcId=3&tldId=59673386&passback=0&svr=BID22385U&ekefact=mULdXRU8AgDInXmjZiiCzQT7fFql0KZ6mnYP7rXP2cGCoh0Q&ekaxefact=mULdXSo8AgCUuqVL5UpE9eDuu_hDM52ivBp9wRB8mJ5xxJF4&ekpbmtpfact=mULdXTs8AgDtss272QcaAN5Hi_EX2PBnX7WhmrUs0sv8-_5V&crID=205833022&lpu=tui.com&ucrid=14720995887849602671&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=837458&wDspId=80&wbId=3&wrId=0&wAdvID=15272&isRTB=1&rtbId=330182AF-7305-4D7A-B99D-76FD427CCDA4&imprId=81B86CED-CF2C-4A1D-9305-F4E1E320B82F&oid=81B86CED-CF2C-4A1D-9305-F4E1E320B82F&cntryId=58&domain=bleepingcomputer.com&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&sec=1
Frame ID: A526FFE4C7EB92F3A11D538BB9C6F02E
Requests: 1 HTTP requests in this frame

Frame: https://www.vehiculum.de/leasing/htlp/awin.html
Frame ID: B4BC3B12D7D7E6E11B0798078920F601
Requests: 1 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dyn_id=
Frame ID: CAD83786E090E1B783A9DEA5336B9A46
Requests: 1 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=71005200101434701049096011059021&a=ab2ff42f
Frame ID: B55C8627BC232A1CD9FDD0B3AB100398
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements296.js
Frame ID: 0B78ED4FF9B8CCFBC5517CDC617A46E4
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B7009CB51D8C65FBABC0934EA35B253
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4008758915087990784/index.html?e=69&leftOffset=0&topOffset=0&c=oGqNLNrRYd&t=1&renderingType=2
Frame ID: E21D0F613C7AB5C8FB2FD059B3AB3ED7
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 97784A16B4FAA6AB0901F64267452FD2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidggJT8frfjmhPHbH8t5tV4WF6oneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&f=oneid1pACbfKfYwQU9HdH9tpC89zUMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidejVa3fVfDGVCjHZHet2CWxksMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidBJEUgfPfDkSxH6H3tgC4xAHzoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&c=728&d=90&e=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&g=84d30309953ff652d5c54c84a44f52f5%2F528350148830607122&i=25007%2C18122%2C11787&j=16%2C16%2C16&k=0&l=0&m=0&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: B9F7DBC48F5A8396740C5B1D3FEC0C07
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 2CFC7064A614DAE4EEF4220FD70AF770
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781596451%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781596451&type=js
Frame ID: E17F85ECCF222BEC1B13CCC0C61085DD
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: A3936855598A5620D77202FE9647225F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 128F3EA00162D7E1BB660BFF2E348DD1
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781597878%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781597878&type=js
Frame ID: 3E274DAEB7D34211574F9BD07219EC6F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: AC2E24E059AA87779A460EE5FBCFFBE0
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 5A7546A10B4F34FFE77EA14B157CE0DA
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781598512%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781598512&type=js
Frame ID: A91B6F4F58EADB2B6295433401EE3BF7
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 39A200CD51B55AB0042B6126C7069C13
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: F7239870090CEA341A8478736805A354
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781599404%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781599404&type=js
Frame ID: E0F8F84D9349180A3D3D8B84748B0816
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: FCACB40B1441C80AAB08EA52DD33476A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 917F3C46950B1C1F3146059C1C4AA06B
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593750&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Frame ID: 4748B74B37483B65673943E20DBF75F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8FBCC907C2EA420DCEDEFC5CD9F81CD9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 60F75D4F49413890D6900EBD2151202C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6C9FE8154D0A887BF5C8C4BCF0845E06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 6C3634567EDB87C80BA224F2EC8841B2
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593286&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Frame ID: A84660F20A1668E7D0DB2E29CD5CD9D9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 92B5F3AD2508D45997EB70312BCD9787
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F7BB878A95FF9610AC19AE9862F733C7
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E2ED52841AABD02CFA221AC5A25C5630
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593858&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Frame ID: DA90F6F34CC3FAD5A8C64FFBE0DE29C6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 540439998C163AC21BB8CB0A281B9702
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 7FC9A949963040D456FE823E4DA2AFFB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 41AEB3E69C6B05A9264072DC2FA2952C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A4DD0D42674D0AE469AA23073D191593
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CFB9E9BDA3FE552680BCF0FC18BB5502
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 6F4185BABECAF5126CC5C9E2E1EDD80B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: B898B3ABD50C8E985EE6FB62BD4DB2FB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8619252941D44B4866D19DD9030D41AF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 806E9B9714CC1A0DFEB27F4B9D03BAB3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 492E5073D7B9C07FA250F560702E0734
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593993&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Frame ID: 2C02082A8D6A9B8B7AA33FA8B42E5279
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 6C2B67B7C450EBABD64F17C7A7E0055A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: DCEC5748AE28EE2982E9C4C4EA535728
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: B2CE34F623BC677F1DA9163D98077589
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: B4F39DB43FDDE556B7A82B2C96623D56
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 543A2138034B61AE240223E6AA74B5C5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D3DD9DB8E920E3423BEA8C379E18A321
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 05593FC4D1BE350046AAFF241FD19F17
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 54941E81BB5976616409CB36C935304B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 85C863A0D25E66BD0E2FC0A79C4AD826
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8ACDAE7AD42862C757615AFDE4B9194F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 3BCBD55F97112FFD0FB85EACE2E28D83
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2B34F6843D4C6CFE7A9C1C62BB987CAE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 817316E5DB590D26FAD0F98E46B2187F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: B0E370D9EBEA5FF5FF1B0D61138304A6
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781601304%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781601304&type=js
Frame ID: 5A3CFBBDABBFAAF27C12D1A0C879FF68
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: C5D86A6EDA3551EE0F68B79542D86D44
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 543C6708E0BC61F3B5BC7B9D59130BD9
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603025%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603025&type=js
Frame ID: 58AEA3EB59180051D2682B96D106BCC0
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: FA0CB8AD2A73BCB6FE886A08D52A6DE9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_855affef.js
Frame ID: 87745E8C45D82C7658DAF68B7A009865
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603587%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603587&type=js
Frame ID: D6316B752105FC95098BF66EDF3A774D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 263E70FCF5655A92E17F91042934DA8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

480
Requests

99 %
HTTPS

28 %
IPv6

56
Domains

103
Subdomains

91
IPs

9
Countries

4903 kB
Transfer

14453 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Request Chain 86
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0
Request Chain 90
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBw3skBUP3AH-L9cXrB-UI4&google_cver=1
Request Chain 131
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
Request Chain 132
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
Request Chain 133
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
Request Chain 134
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
Request Chain 135
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
Request Chain 136
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
Request Chain 137
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
Request Chain 138
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
Request Chain 139
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
Request Chain 140
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
Request Chain 141
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
Request Chain 166
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
Request Chain 167
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
Request Chain 168
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
Request Chain 169
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
Request Chain 170
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
Request Chain 171
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
Request Chain 172
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
Request Chain 173
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
Request Chain 174
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
Request Chain 175
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
Request Chain 176
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
Request Chain 239
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_pre=CLTW9MuWiOYCFc2rewods7kDDw;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 277
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
Request Chain 278
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777; HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
Request Chain 283
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 284
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 285
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
Request Chain 286
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777 HTTP 302
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
Request Chain 332
  • https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 341
  • https://www.awin1.com/cshow.php?s=2335133&v=16039&q=356706&r=296283&pref1=71005200101434701049096011059021&pv=1 HTTP 302
  • https://www.vehiculum.de/leasing/htlp/awin.html
Request Chain 342
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=71005200101434701049096011059021 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dt_subid2=&actionid=879111&produktid=postbankratenkredit&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016 HTTP 301
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dyn_id=
Request Chain 345
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=71005200101434701049096011059021 HTTP 302
  • https://ad.zanox.com/ppv/images/onepixel.gif
Request Chain 357
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Request Chain 362
  • https://ad4m.at/rs?a=&b=49&c=700&d=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&e=728&f=90&g=1&h=adf01awindc&i=&j=1039&k=1&l=&m=&n=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&o=0&p=0 HTTP 307
  • https://ad4m.at/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidggJT8frfjmhPHbH8t5tV4WF6oneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&f=oneid1pACbfKfYwQU9HdH9tpC89zUMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidejVa3fVfDGVCjHZHet2CWxksMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidBJEUgfPfDkSxH6H3tgC4xAHzoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&c=728&d=90&e=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&g=84d30309953ff652d5c54c84a44f52f5%2F528350148830607122&i=25007%2C18122%2C11787&j=16%2C16%2C16&k=0&l=0&m=0&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Request Chain 363
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPjdcOQuaCkaslC3-JeBaQ&google_cver=1
Request Chain 378
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Request Chain 379
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Request Chain 420
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 427
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 430
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 437
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 441
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 442
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Request Chain 446
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 450
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=alS0h2sCsdNyAejRawP9hTwJ49ByBeDaalP5bxrk

480 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/ 		62 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.60.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e551f32a07496f7eaf97cb41190c0fb4c99a8e162f49677361e1aa9fd66fb39d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.bleepingcomputer.com
:scheme
https
:path
/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:50 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=db3a9e9b7951ee49baf96ea876a6013db1574781589; expires=Thu, 26-Dec-19 15:19:49 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; Secure session_id=16172df005a229697053c824e190502e; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=7271; expires=Thu, 26-Dec-2019 15:19:50 GMT; Max-Age=2592000; path=/;Secure
content-security-policy
upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
last-modified
Sun, 24 Nov 2019 17:34:45 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53bcd7c73b49d6c9-FRA
content-encoding
br
css
fonts.googleapis.com/ 		14 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:19:50 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 26 Nov 2019 15:19:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:50 GMT
bootstrap.css
www.bleepstatic.com/css/redesign/ 		111 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2154557
cf-polished
origSize=137522
status
200
cf-bgj
minify
last-modified
Fri, 23 Sep 2016 14:33:06 GMT
server
cloudflare
etag
W/"2184297232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb79d5cbc4-VIE
expires
Fri, 01 Nov 2019 16:48:04 GMT
main.css
www.bleepstatic.com/css/redesign/ 		51 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2085035
cf-polished
origSize=60842
status
200
cf-bgj
minify
last-modified
Thu, 16 Aug 2018 15:28:40 GMT
server
cloudflare
etag
W/"4249134023"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb79d7cbc4-VIE
expires
Sat, 02 Nov 2019 12:08:26 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2999006
cf-polished
origSize=14998
status
200
cf-bgj
minify
last-modified
Sat, 24 Mar 2018 16:18:00 GMT
server
cloudflare
etag
W/"2402535603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb79d8cbc4-VIE
expires
Tue, 26 Nov 2019 22:16:24 GMT
news.css
www.bleepstatic.com/css/redesign/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
37354
cf-polished
origSize=32905
status
200
cf-bgj
minify
last-modified
Tue, 26 Nov 2019 02:56:16 GMT
server
cloudflare
etag
W/"400467278"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb79dbcbc4-VIE
expires
Tue, 31 Dec 2019 04:57:16 GMT
jquery-1.11.1.min.js
www.bleepstatic.com/js/redesign/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 12:36:44 GMT
server
cloudflare
age
654
etag
W/"3647451394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
53bcd7cb79ddcbc4-VIE
access-control-allow-origin
*
expires
Fri, 22 Nov 2019 22:26:19 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
609
cf-polished
origSize=247
status
200
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb79decbc4-VIE
expires
Fri, 22 Nov 2019 22:32:25 GMT
connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 		957 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
aebd03bb3b7ce36e1a2d313b192072e8ef4fcbcc397a1365c613a02e4b4dc93f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1574781590.295240,VS0,VE0
content-length
957
retry-after
0
x-served-by
cache-fra19168-FRA
qc-consent.js
www.bleepstatic.com/js/qc-consent/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2188755
cf-polished
origSize=3848
status
200
cf-bgj
minify
last-modified
Thu, 07 Feb 2019 13:49:44 GMT
server
cloudflare
etag
W/"3981350888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cb9a58cbc4-VIE
expires
Thu, 31 Oct 2019 14:44:47 GMT
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cae697d304b6cae1bb457589d549ec39239ca1d1e32bd7201200cb7562eeb32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27662
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:50 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
56638
cf-polished
origFmt=png, origSize=1882
status
200
content-disposition
inline; filename="logo.webp"
cf-bgj
imgq:85
content-length
1152
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cbeb45cbc4-VIE
expires
Wed, 25 Dec 2019 23:35:52 GMT
brand
cse.google.com/coop/cse/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
pfe /
Resource Hash
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:12:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
pfe
age
427
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1181
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:42:43 GMT

Redirect headers

date
Tue, 26 Nov 2019 15:19:50 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
266
x-xss-protection
0
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		438 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba6d68a3b877b1f5607cf9600430eb206a22a09f1d32acbe0e51fd64ceb18fa

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
60
status
200
x-guploader-uploadid
AEnB2UqkpY-SdYr1Z5XXVDcIb8LF3uzBJ1YNgbU8sSfUskIOvQEt5iYVdWJNnGUjUc1jhcB4swAC3uZd7zhalYOhTC8Fs4VkrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 25 Nov 2019 22:03:44 GMT
server
cloudflare
etag
W/"2e867f0aa51aed653faad16e9a32ca95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ErDy+w==, md5=LoZ/CqUa7WU/qtFumjLKlQ==
content-type
application/javascript
x-goog-generation
1574719424644840
cache-control
public, max-age=1800
x-goog-stored-content-length
448459
cf-ray
53bcd7cc2d16cbac-VIE
expires
Tue, 26 Nov 2019 15:19:50 GMT
fab.js
ecdn.analysis.fi/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.79.175.86 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
nb-178-79-175-86.london.nodebalancer.linode.com
Software
nginx/1.12.2 /
Resource Hash
a00d8ffa45611c04d84361ae0d37d38da8be0e11dfde738f4142a97f32b752eb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:21:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jul 2015 00:00:00 GMT
Server
nginx/1.12.2
ETag
"55a5a280-390"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
close
Content-Length
912
Expires
Tue, 26 Nov 2019 16:21:06 GMT
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
480100
cf-polished
origFmt=png, origSize=187
status
200
content-disposition
inline; filename="login_bg.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cbeb49cbc4-VIE
expires
Sat, 21 Dec 2019 01:58:10 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
555246
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Fri, 22 Nov 2019 04:03:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
386206
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:03:04 GMT
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1822/min/ Frame C779 		719 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
3c26cb7b4e0f2c4ced2f63250e4f05f15578b63e4c6476c2b01b62aef8d26bb7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
age
8598
x-cache
HIT, HIT
status
200
content-length
191520
via
1.1 varnish, 1.1 varnish
x-served-by
cache-dca17738-DCA, cache-fra19168-FRA
last-modified
Tue, 26 Nov 2019 12:55:18 GMT
x-timer
S1574781590.400298,VS0,VE0
etag
"a413329a21b1fe2bc20e4740e9564d37"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 537
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
1102122
cf-polished
origFmt=png, origSize=83
status
200
content-disposition
inline; filename="nav_bg.webp"
cf-bgj
imgq:85
content-length
72
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc2c00cbc4-VIE
expires
Fri, 13 Dec 2019 21:11:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		103 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
aa3a249cabad1f76bb1aa4325dee2bd1d9bdd736b6e07349344958162b1a0458
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37541
x-xss-protection
0
server
cafe
etag
5881864330447484035
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 26 Nov 2019 15:19:50 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
1338247
cf-polished
origFmt=png, origSize=475
status
200
content-disposition
inline; filename="twitter.webp"
cf-bgj
imgq:85
content-length
282
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc4c3bcbc4-VIE
expires
Wed, 11 Dec 2019 03:35:43 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
653
cf-polished
origSize=65813
status
200
cf-bgj
minify
last-modified
Thu, 23 Apr 2015 12:36:43 GMT
server
cloudflare
etag
W/"3930092018"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cc4c3ccbc4-VIE
expires
Fri, 22 Nov 2019 22:32:26 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
server
cloudflare
age
653
etag
W/"753357888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
53bcd7cc4c38cbc4-VIE
access-control-allow-origin
*
expires
Fri, 22 Nov 2019 22:32:26 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
895 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2330980
cf-polished
origSize=3600
status
200
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cc4c3dcbc4-VIE
expires
Wed, 30 Oct 2019 15:49:59 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
age
2622407
cf-polished
origSize=48706
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7cc4c3ecbc4-VIE
expires
Sun, 27 Oct 2019 06:52:21 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
server
cloudflare
age
2515251
etag
W/"1740214911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3024000
cf-ray
53bcd7cc4c3acbc4-VIE
access-control-allow-origin
*
expires
Mon, 28 Oct 2019 12:38:16 GMT
addthis_widget.js
s9.addthis.com/js/300/ 		349 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s9.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 19:35:04 GMT
server
nginx/1.15.8
etag
"5db9e5e8-57446"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Tue, 26 Nov 2019 15:19:50 GMT
x-host
s9.addthis.com
content-length
114924
cmp.js
quantcast.mgr.consensu.org/ 		213 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff1e65d5292ac70fa0ceaf87d04313c975d6299e212e0274d3d0362b218ccab8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:05:56 GMT
content-encoding
gzip
last-modified
Mon, 25 Nov 2019 17:24:00 GMT
server
AmazonS3
age
963
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
R_X6TQa6GZU47N5UbTsMC8xc222EVA-IibX4P3qOFOS3PQ_52ta5Zg==
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
1100443
cf-polished
origFmt=png, origSize=824
status
200
content-disposition
inline; filename="20x20-printer.webp"
cf-bgj
imgq:85
content-length
422
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc4c56cbc4-VIE
expires
Fri, 13 Dec 2019 21:39:07 GMT
calendar.png
www.bleepstatic.com/images/site/ 		86 B
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
502452
cf-polished
origFmt=png, origSize=129
status
200
content-disposition
inline; filename="calendar.webp"
cf-bgj
imgq:85
content-length
86
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc4c58cbc4-VIE
expires
Fri, 20 Dec 2019 19:45:37 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
496401
cf-polished
origFmt=png, origSize=1316
status
200
content-disposition
inline; filename="clock.webp"
cf-bgj
imgq:85
content-length
252
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc4c5acbc4-VIE
expires
Fri, 20 Dec 2019 21:26:29 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		96 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
401
cf-polished
origFmt=png, origSize=1034
status
200
content-disposition
inline; filename="comment-light.webp"
cf-bgj
imgq:85
content-length
96
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cc4c5ccbc4-VIE
expires
Sun, 17 Nov 2019 22:27:17 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 21 Nov 2019 23:39:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
402036
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:39:14 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2773
date
Tue, 26 Nov 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Tue, 26 Nov 2019 16:33:37 GMT
g
ck.connatix.com/ 		46 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_ff21f83237bd842cdb9f1574781590565
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Varnish /
Resource Hash
5f3a171bdd417038e275b697b801b5c6d3e2a71f792fe02ba379f2558739a239

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
via
1.1 varnish
server
Varnish
age
0
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-cache-hits
0
accept-ranges
bytes
x-timer
S1574781591.590282,VS0,VE0
content-length
46
retry-after
0
x-served-by
cache-hhn4055-HHN
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
173831
cf-polished
origFmt=png, origSize=618
status
200
content-disposition
inline; filename="32x32-printer.webp"
cf-bgj
imgq:85
content-length
256
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cd3e77cbc4-VIE
expires
Tue, 24 Dec 2019 15:02:38 GMT
21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
2569278
cf-polished
origSize=7617, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
7581
last-modified
Mon, 26 Oct 2015 17:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cd3e78cbc4-VIE
expires
Sun, 27 Oct 2019 21:33:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
401711
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v27/ Frame 21CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v27/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v27/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
content-type
text/html
content-length
583
last-modified
Mon, 18 Nov 2019 19:20:05 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Tue, 26 Nov 2019 15:08:49 GMT
etag
"2382c3f01978a379e8fa8bc1a3bec605"
x-cache
Hit from cloudfront
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
1scU-VWo0AZbpRMwM6o_8qADwfWtnGTIeIdTRZXk6JFg6SSSJ5wl9Q==
age
661
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/ 		240 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
90016
x-xss-protection
0
server
cafe
etag
16514268273887163252
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Nov 2019 15:19:50 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
653
cf-polished
origFmt=png, origSize=72
status
200
content-disposition
inline; filename="h4-bg.webp"
cf-bgj
imgq:85
content-length
38
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cd9fa1cbc4-VIE
expires
Thu, 21 Nov 2019 20:30:20 GMT
news_email_icon.png
www.bleepstatic.com/images/site/ 		126 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer
https://www.bleepstatic.com/css/redesign/home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
1609924
cf-polished
origFmt=png, origSize=1105
status
200
content-disposition
inline; filename="news_email_icon.webp"
cf-bgj
imgq:85
content-length
126
last-modified
Fri, 29 May 2015 07:10:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cd9fa4cbc4-VIE
expires
Sun, 08 Dec 2019 00:07:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/ Frame E2A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191114/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191114/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Nov 2019 11:45:53 GMT
expires
Wed, 04 Dec 2019 11:45:53 GMT
content-type
text/html; charset=UTF-8
etag
9688732929695215001
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6504
x-xss-protection
0
cache-control
public, max-age=1209600
age
531237
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
news_footer_icon.png
www.bleepstatic.com/images/site/ 		110 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer
https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
cf-cache-status
HIT
age
1103269
cf-polished
origFmt=png, origSize=186
status
200
content-disposition
inline; filename="news_footer_icon.webp"
cf-bgj
imgq:85
content-length
110
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7cdd84acbc4-VIE
expires
Fri, 13 Dec 2019 20:52:01 GMT
cookie
d.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/cookie
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
8b2e59bc809fc679c05e1b31583ce011b41ff1362edadd8e61464a034cffe410

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:51 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"348 / 433 of 1000 / last-modified: 1574707045"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15675
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:50 GMT
gallery.js
freestar-io.videoplayerhub.com/ 		130 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freestar-io.videoplayerhub.com/gallery.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
166d1031506210d3723ed28f498fcc4739516be7f5ce2d98ce219f3aa43f2166

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Z_kaPCvP.j4UJwOeqRSb5QIeUUu8hN3N
Content-Encoding
gzip
Last-Modified
Mon, 25 Nov 2019 20:02:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Date
Tue, 26 Nov 2019 15:19:50 GMT
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
vgizxncb-7TPJAXTJWrVqe0uZQlJRAA-n1IgSSu_Hjj2zLJWkEXlCw==
prebid-analytics-2.36.5.js
a.pub.network/core/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-2.36.5.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3986a9d06585054dc84ba96f83b685c5a67527f4cdd2cdb4dfc75d49f5759f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
br
cf-cache-status
BYPASS
status
200
x-guploader-uploadid
AEnB2UryAedPJr-WhddJL-EnHgKr9WsxE0AFlsyfhb0CdhqpMfP5tFv-TWlFL4CvJayJo8rQDlCkbNZatxCM9zzXmqiWRMnQCA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 05 Nov 2019 17:37:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EJ1yIw==, md5=e2KPF9QKTQj2iapaLVhLdw==
content-type
text/html
x-goog-generation
1572975461697049
cache-control
private
x-goog-stored-content-length
397332
cf-ray
53bcd7cead2acbac-VIE
expires
Wed, 25 Nov 2020 15:19:50 GMT
location
d.pub.network/ 		25 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/location
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:51 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1714546185&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ul=en-us&de=UTF-8&dt=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1554442157&gjid=108991730&cid=2081853526.1574781591&tid=UA-91740-1&_gid=523594699.1574781591&_r=1&gtm=2ouav9&z=1459883767
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pls
core.connatix.com/ Frame C779 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://core.connatix.com/pls?callback=jQuery321013057788255111813_1574781590558&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&c_v=1822_0_0_0_0&page_guid=2e4e621a613012ca8cd91574781590905&spp=1&_=1574781590559
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.131.34 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-131-34.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
73c14e39ad93de8449f78d536c745222bf8b9a25b47e6d9b7b086e037c811f8c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
access-control-allow-origin
*
cmpui-popup.js
static.quantcast.mgr.consensu.org/v27/ 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v27/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2363cbdace3d4db7b0ee2f0fcf42a722658814affea6c100f3679f7c21ff9e11

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:18:49 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 19:20:04 GMT
server
AmazonS3
age
261
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
GO2PoFhiJ8waFZ9WCkWT6hMeFfzyRfIpgcP9UK65QWkVh7yDW9h7LQ==
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.64 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Nov 2019 20:13:52 GMT
Server
AmazonS3
x-amz-request-id
C0B7E130097BC605
ETag
"f14b4e1f799b14f798a195f43cf58376"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=30317
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
948
x-amz-id-2
WMRpIO186SrpMgXAdDxxqtwuB/nVpPpDrif5aSQ8+ORAAGwczaqMUoDLYLjYQOU+EHP09vSgz8E=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.8.v20180619) /
Resource Hash
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
gzip
surrogate-key
ra-561517d2c7f964d6
server
Jetty(9.4.8.v20180619)
etag
-1808207170--gzip
vary
Accept-Encoding
cache-tag
ra-561517d2c7f964d6
status
200
cache-control
public, max-age=28, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-type
application/javascript;charset=utf-8
content-length
678
excel-phishing-header.jpg
www.bleepstatic.com/content/hl-images/2019/11/24/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2019/11/24/excel-phishing-header.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f227d60ead1b174874c6f16071e0cedb6001bdb73679c1627457851ff877319e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
cf-cache-status
HIT
age
164613
cf-polished
qual=85, origFmt=jpeg, origSize=25488
status
200
content-disposition
inline; filename="excel-phishing-header.webp"
cf-bgj
imgq:85
content-length
12226
last-modified
Sun, 24 Nov 2019 17:22:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7d03e3fcbc4-VIE
expires
Tue, 24 Dec 2019 17:36:18 GMT
292x176_SplunkStill.jpg
www.bleepstatic.com/content/posts/2019/11/25/thumb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/posts/2019/11/25/thumb/292x176_SplunkStill.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe41724c33b76fe8d8c5a8841d4286991a555d81f0a1bc6bb0dbed3b4f6192c4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
cf-cache-status
HIT
age
12390
cf-polished
origSize=13372, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
12509
last-modified
Tue, 26 Nov 2019 02:36:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7d03e41cbc4-VIE
expires
Thu, 26 Dec 2019 11:53:21 GMT
292x176_FortiGuardServices.jpg
www.bleepstatic.com/content/posts/2019/11/25/thumb/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/posts/2019/11/25/thumb/292x176_FortiGuardServices.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14661cb98a5e994c67e46c794be967115e8450cb91e02e6a416950c92dd0c3b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
cf-cache-status
HIT
age
35151
cf-polished
origSize=18383, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
17347
last-modified
Mon, 25 Nov 2019 17:36:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7d03e44cbc4-VIE
expires
Thu, 26 Dec 2019 05:33:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 607C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1574616885&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1574781590647&bpp=36&bdt=382&fdt=423&idt=424&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=4892836072971&frm=20&pv=2&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=10995118907392&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4340&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RWWBNd8GHc&p=https%3A//www.bleepingcomputer.com&dtd=468
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1574616885&rafmt=9&psa=0&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1574781590647&bpp=36&bdt=382&fdt=423&idt=424&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&correlator=4892836072971&frm=20&pv=2&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=10995118907392&dssz=45&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=4340&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=RWWBNd8GHc&p=https%3A//www.bleepingcomputer.com&dtd=468
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Nov 2019 15:19:51 GMT
server
cafe
content-length
19072
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Nov-2019 15:34:51 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Nov 2019 15:19:51 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29338
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:51 GMT
pubads_impl_2019111801.js
securepubads.g.doubleclick.net/gpt/ 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Nov 2019 14:07:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59620
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:51 GMT
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
br
cf-cache-status
HIT
age
610
cf-polished
origSize=4895
status
200
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7d128c8cbc4-VIE
expires
Fri, 22 Nov 2019 22:32:28 GMT
font-awesome.css
www.bleepstatic.com/css/redesign/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
content-encoding
br
cf-cache-status
HIT
age
3924
cf-polished
origSize=26776
status
200
cf-bgj
minify
last-modified
Tue, 03 May 2016 04:39:29 GMT
server
cloudflare
etag
W/"1700274315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
53bcd7d128c9cbc4-VIE
expires
Fri, 22 Nov 2019 22:32:28 GMT
beacon.js
ad-delivery.net/ 		1 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/beacon.js
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Tue, 31 Jan 2017 15:06:54 GMT
server
AmazonS3
age
3506
date
Tue, 26 Nov 2019 14:21:27 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
tGjIJomCzFuOU5sxC_zk8rU3fV2ZkFxtc56jJX-lUlltsQ8FT847sw==
via
1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
ads
googleads.g.doubleclick.net/pagead/ Frame 43E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1574616885&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574781590941&bpp=10&bdt=676&fdt=302&idt=302&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4892836072971&frm=20&pv=1&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=43980476129280&dssz=48&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1574616885&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1574781590941&bpp=10&bdt=676&fdt=302&idt=302&shv=r20191114&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=4892836072971&frm=20&pv=1&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&ga_fc=0&iag=0&icsg=43980476129280&dssz=48&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=1448605548268930&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=316
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 26 Nov 2019 15:19:51 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 26-Nov-2019 15:34:51 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Nov 2019 15:19:51 GMT
cache-control
private
vendorlist.json
vendorlist.consensu.org/ 		91 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:d800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a53d4df190d658e52a1fbcea3fdda92433c812e35bb7a789876ff1c75ddb4bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Mon, 25 Nov 2019 02:38:47 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
132065
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 21 Nov 2019 16:00:26 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
q4qmkF37jkDkebN8AzjM.kkdN85YVWej
via
1.1 e3666efb6956ba7f03c75c3401b8c79e.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA54
content-type
application/json; charset=utf-8
x-amz-cf-id
vI_sbLBUl8154kxuNP2Dp7RSXIcJtWC4ciI-2ml3GbS6IJKfBYFakA==
fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191114/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Apr 2015 09:36:00 GMT
server
cloudflare
age
3807
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
accept-ranges
bytes
cf-ray
53bcd7d29b24cbb8-VIE
access-control-allow-origin
*
content-length
65452
layers.ab5cd98fe1b9a38a4a9f.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-41b9f"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Tue, 26 Nov 2019 15:19:51 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77528
apstag.js
c.amazon-adsystem.com/aax2/ 		88 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 17:32:54 GMT
content-encoding
gzip
server
Server
age
78417
etag
f95fda3d4fe6103808d969fc52fa66db
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
YQsSBPf1FpkfZWpmEFt48BHCCSVZP1FseUDGwxEKowAYzBeeKoCcmw==
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
v2
d.pub.network/floors/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/floors/v2?key=535desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.71.188.35.bc.googleusercontent.com
Software
/
Resource Hash
def709ba515a22127c4da36701315c859ff8a1445c2aaae4b899432df9e38041

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding
chunked
Content-Type
application/json
truncated
/ 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
g
rtb.connatix.com/ 		91 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&c_ivt=0&connatix_sess=7DVyK9tb-93rCG28a0--ohhaN-0uTVAPGrZXs3_JbWC8LDIpnZCZMsHSyEN6EWLZ20T_zYUtlcfn1JsiJ1nSolcgZvFSWtOaZqYCdJd2DllF1KLH5cegL_UGTlyrTUQm2JASE0rE3F9RCsFlZMZAgUnIZamN63Qy7OIZlsYcPz8vdq8-8j5TPEI3TunmvQI-&notServed=false&xplr=false&c_s=false&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&gdpr=1&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&c_v=1822_0_0_0_0&spp=1&callback=cnxJSONP_32e076e2ece141ec532a1574781591943
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.73.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-73-180.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e58542cacf97175fab0a0e3d7a8252b93bc57652dc2520650388317cefd5f726

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:19:52 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
105
327.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/327.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c8444ac3b0379ce828317141c6128d128bcd5418ad3e4e9bd1be1ecadccc1095

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1574781592.946974,VS0,VE0
access-control-allow-origin
*
content-length
15039
x-served-by
cache-sjc3130-SJC, cache-hhn4055-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/4f14e8c7-7feb-4e60-859e-a2809e13bd1b/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/4f14e8c7-7feb-4e60-859e-a2809e13bd1b/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4e720804ff4314f1a7c70173d456594cc37b97d284072f8763294f5d1fee8d58

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1574781592.947058,VS0,VE0
access-control-allow-origin
*
content-length
18829
x-served-by
cache-sjc3142-SJC, cache-hhn4055-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/e4656b71-6c32-4779-a602-e39583327617/ 		168 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/e4656b71-6c32-4779-a602-e39583327617/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c4405054dff1040cf4914e27f544f02dc63fec0e12695ea76b7ce98b8605a7b1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1574781592.946949,VS0,VE1
access-control-allow-origin
*
content-length
172535
x-served-by
cache-sjc3144-SJC, cache-hhn4055-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/09c4c4e2-937d-41ee-8570-59862a3cd33b/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/09c4c4e2-937d-41ee-8570-59862a3cd33b/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
20d2cb2691e261ada55a9c4d60c663479277d651d9b8d6d768ede5870c3b5993

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
2, 3
accept-ranges
bytes
x-timer
S1574781592.947183,VS0,VE0
access-control-allow-origin
*
content-length
34278
x-served-by
cache-sjc3130-SJC, cache-hhn4055-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/70db2117-5813-4069-a291-9da2180314a5/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/70db2117-5813-4069-a291-9da2180314a5/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
29407dab7bfc70257bdb18f8f784b9c0608c69f8290b750618feee47dd1bddcc

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3
accept-ranges
bytes
x-timer
S1574781592.946956,VS0,VE0
access-control-allow-origin
*
content-length
114127
x-served-by
cache-sjc3142-SJC, cache-hhn4055-HHN
1.jpg
i.connatix.com/s3/connatix-uploads/72d0a047-e762-4794-ac1e-9c0420504866/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-uploads/72d0a047-e762-4794-ac1e-9c0420504866/1.jpg?mode=crop&width=1001&height=563
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
dac702bbb288a8038c909915b51f4423c7c52826395f824682a0218935f240b1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
56884
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 1
accept-ranges
bytes
x-timer
S1574781592.947175,VS0,VE1
access-control-allow-origin
*
content-length
160038
x-served-by
cache-sjc3146-SJC, cache-hhn4055-HHN
bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
cf-cache-status
HIT
age
477049
cf-polished
origFmt=png, origSize=15281
status
200
content-disposition
inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj
imgq:85
content-length
7156
last-modified
Wed, 07 Jan 2015 22:52:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
53bcd7d5be00cbc4-VIE
expires
Sat, 21 Dec 2019 02:49:01 GMT
0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame C779 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:51 GMT
via
1.1 varnish, 1.1 varnish
age
7831810
x-cache
HIT, HIT
content-type
image/jpeg
status
200
cache-control
max-age=31557600
x-cache-hits
1, 3769
accept-ranges
bytes
x-timer
S1574781592.957710,VS0,VE0
access-control-allow-origin
*
content-length
23507
x-served-by
cache-sjc3139-SJC, cache-hhn4055-HHN
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.91 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-91.fra2.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
955899c1-2271-463c-8191-d58d395d146f
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
DxdXwEn3IAMFYpA=
content-length
50
access-control-allow-origin
https://www.bleepingcomputer.com
x-amzn-trace-id
Root=1-5ddd4297-7072a2f5c5e2bc8613ae8d7b;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
9xE_KywO7LK_c5IKKl2SF7ltHf5W9AMQIeAN6ztUZsvwvNhLwta66Q==
r
trk.connatix.com/ Frame C779 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/r?connatix_sess=7DVyK9tb-93rCG28a0--ohhaN-0uTVAPGrZXs3_JbWC8LDIpnZCZMsHSyEN6EWLZ20T_zYUtlcfn1JsiJ1nSolcgZvFSWtOaZqYCdJd2DllF1KLH5cegL_UGTlyrTUQm2JASE0rE3F9RCsFlZMZAgUnIZamN63Qy7OIZlsYcPz8vdq8-8j5TPEI3TunmvQI-&videoID=639404&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&c_v=1822_0_0_0_0&spp=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.1.10 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-211-1-10.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:19:52 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a36...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fb...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fbb1a3640a1574781591944&vwd=834&vht=469&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
g
rtb.connatix.com/ 		136 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&c_ivt=0&connatix_sess=7DVyK9tb-93rCG28a0--ohhaN-0uTVAPGrZXs3_JbWC8LDIpnZCZMsHSyEN6EWLZ20T_zYUtlcfn1JsiJ1nSolcgZvFSWtOaZqYCdJd2DllF1KLH5cegL_UGTlyrTUQm2JASE0rE3F9RCsFlZMZAgUnIZamN63Qy7OIZlsYcPz8vdq8-8j5TPEI3TunmvQI-&notServed=false&xplr=false&c_s=false&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&gdpr=1&med_id=639404&req_no=1&v=2&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&c_v=1822_0_0_0_0&spp=1&callback=cnxJSONP_426a8cafea32a12665051574781592103
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.73.180 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-73-180.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
9e18996c315a3e343350070ad5452b442ed96417cfb3816b7dc8ec863a4b1e6e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:19:52 GMT
Content-Encoding
gzip
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
136
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 14:18:33 GMT
content-encoding
gzip
vary
Origin
age
3680
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eDYyXJBZ_MbVQoAAm9UOfR9ALwG_WMFhMkHMNyRlcPf9KbfMW9i-cQ==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=95a2c5ca41fb...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C779
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBw3skBUP3AH-L9cXrB-UI4&google_cver=1
0
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&pid=XHpTpW1UR1ICl&cb=0&ws=1600x1200&v=7.44.02&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
73Xr-CUV40psfODTDb4sSlIQXd_YCw_Rf-OQAbszVb1MJmqcHmpuIg==
48.008759e9efe1c1b693dd.js
s7.addthis.com/static/ 		281 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.36.164 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-21-36-164.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 14:16:17 GMT
server
nginx/1.15.8
etag
W/"5d823c31-119"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=86313600
date
Tue, 26 Nov 2019 15:19:52 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
246
/
graph.facebook.com/ 		305 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_5v8c0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
82cd20d35080c5648b43d784ac787314ddd55cf9db6462ee7271d50f324d1fdb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Tue, 26 Nov 2019 15:19:52 GMT
x-fb-rev
1001473541
alt-svc
h3-23=":443"; ma=3600
content-length
214
pragma
no-cache
x-fb-debug
0Q8OfaUHh/wkh5kdxFakVelE8sXHbd9VwdOwVbUdqrhP3VAtdLk3nrCnDIG3mpdsq6hm3S6fSGn1ADNtFUpuAw==
x-fb-trace-id
GRKp28vljRj
etag
"db88be6862224e40c1f0d45ab969ab80fb1ca88c"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Av9T1ninHtMrH6JlgZK4WQH
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.11
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jsonp=_ate.cbs.rcb_7wny0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
cdfcbd26b58ca5277b266b7696abaf66b640db2fa853240817266ef07f99f724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-fra19125-FRA
x-moose
majestic
server
snooserv
x-timer
S1574781592.251268,VS0,VE115
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
/
graph.facebook.com/ 		145 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_hfp80
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
7ce260e650fee14d5469f88fc58ab03d183bb6c081c40c2dcb053645085f177b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Tue, 26 Nov 2019 15:19:52 GMT
x-fb-rev
1001473541
alt-svc
h3-23=":443"; ma=3600
content-length
145
pragma
no-cache
x-fb-debug
uVt3awsB2/yfdOGQz/ZU5BBbHogECn8aY5a4vq7Fm5Is8CsI2AXDufeiyw64oEZP25kgzDRTen7t6iH1c8wBRg==
x-fb-trace-id
BI+6J1c5pFG
etag
"3b01749d8af3faa866c97b38aacd5ebb5cdc17cd"
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AhlQlWOk7oKgcyv-8ecpE48
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.11
expires
Sat, 01 Jan 2000 00:00:00 GMT
info.json
www.reddit.com/api/ 		126 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jsonp=_ate.cbs.rcb_esxb0
Requested by
Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
snooserv /
Resource Hash
bc0b9a471e25b8fe764d5fd2bf64cfab53e0633961da117c7460f7560cfd69a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
status
200
x-cache-hits
0
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
126
x-xss-protection
1; mode=block
x-served-by
cache-fra19125-FRA
x-moose
majestic
server
snooserv
x-timer
S1574781592.251544,VS0,VE139
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible
IE=edge
accept-ranges
bytes
expires
-1
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b7ed8341c69be138913b8d656f180cd0fa9a43c5579af3dcce968836d2c37e4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
914
jquery.color-2.1.2.min.js
cluster-na.cdnjquery.com/color/ 		93 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1574781592329&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%2230f160e0-1060-11ea-a296-eab65b79c6fd%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&csVersion=1.20.9&clearThroughOptions=undefined
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.108.72 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-108-72.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
da445026801d9f140fa8a646834ff3a1a0ffbf55b8c6d76d193b02279d1bd013
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:52 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
ETag
W/"5d-y8njHFCXYcFZe5DEYByr8WMbx2s"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Charset
utf8
Connection
keep-alive
Content-Length
85
px.gif
ad-delivery.net/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.40020273987177957
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
AmazonS3
age
70865
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
date
Mon, 25 Nov 2019 19:38:48 GMT
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
cKhFYyetBMxNR-XkhEKdywluUExgRR_Q9OhIt8nOCvkK_KwTAVMuJg==
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 0BA3 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781592.dop036.fr8.t,1574781592.cds109.fr8.hn,1574781592.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294859
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
/
audit.quantcast.mgr.consensu.org/ 		80 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1574781592379;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F;;;;;p,off,false,,1,en,27,176,true,false,false;displayConsentUi:mandatory,
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v27/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 07:30:01 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
vary
Origin
age
28191
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
2-hoF3Xirp2ykmif3y6ZLOs6nqH0hT1_EzSeOxWoybxiAXbbaN-W-w==
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0BA3 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 04:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40204
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
046F19794F1C89E4
x-amz-id-2
rwuCqqVkGCiGHUSLNJpnZIe/zkpm+7AlPbiwXfvk+iXX+eSnoX7UjRPVXlvo8A0oi0OxZDIO4oE=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 0BA3 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781592334%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781592334&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f118bd1c464439f4795dfcee905e400ca35fde3eb1d6f0ddb6c6ff88ac6e0103

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
c2e42aa2ab7d43b20007507a255763c9
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
566
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 3B96 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781592334%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781592334&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:52 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3B96 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781592334%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781592334&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:52 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame F9D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345056
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 3B96 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:52 GMT
integrator.js
adservice.google.com/adsid/ Frame 3B96 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
c
c.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
9725704c43fa763697a109da7a90d7f64d98825280b4f052b9b2eb616ce15b9c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:53 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5bf800345f0de8cbd1b266df13222308b4865b24a97576c8afd0c0ed4274bf93

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77fa233d8c9a9df15915f6663b3263d28c2d8dbba9b21ee5a30be6c85d9507eb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92951ff2c54ef10555938539aa7b1fb88529604aba3c52bf2dbda653b51e83df

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2518f67334194509d1c64f68ef973e15db3bd6bd47a0471923ffa25989fd697f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
11c3c61a1229467b401c579d42cdb5cf2e161c570a2533384669ca703a2ef3a4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		0
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1baf016718320e8a4b278d8c53ec77df2fb1efd07c866d6be510add91d6f1d1d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=2cbabe33-20eb-4691-9c33-a2ce14b7b4ba&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5255842957840591
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ed659a77fdd28a80a4c84933f79862ea9921cbe5ef5f1cba94ba4ee8e719b203

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=159
Content-Length
1523
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=f76e162e-82d8-44df-8931-d15780d17c38&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.550425645852834
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7d9967dd0e2212cba7ee10ab600d2a93f23e1a64818bdca3bf6e01765e9f1fd4

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=311
Content-Length
1520
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		257 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=34bf892d-4c79-403e-a598-af81781bec4c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10589362005678638
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
acbe9cdf9d772d65eb2b250cf080d2ccdf56a84f4f0323c27c4969212398b43d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=422
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=3091ddf0-240b-4ae6-a462-3c419a398909&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6173424767203686
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ca4f0a5d8c912140811de513da53c06da21a5c60ad8c0331cc41bfc094d080db

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=338
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		257 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=2d600d9e-fe90-4fe1-9b63-03def385c13f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.37429474049796707
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
73343d7c5908fe8c352daa089f212c63c5d7b5dd9a67ad3272ac26e24b4246c6

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=129
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
hb.emxdgt.com/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1574781592948&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:52 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
v1
dmx.districtm.io/b/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 26 Nov 2019 15:19:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.bleepingcomputer.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7dbffebc295-FRA
access-control-allow-headers
origin, content-type
prebid
ib.adnxs.com/ut/v3/ 		587 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
435f3b941790a950ffcbbf77b354611bd92bfce90007a689296a3c65dc16a280
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a8f7a9b7-cf69-4ffb-985c-888f431368f8
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		456 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
a11f6f961dc2120662e3aaa900ca077b0ec2cf313860a28ae7f7a6cc50afbf57

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
456
expires
0
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-60&buster=1574781592955&secure=true&version=9&mobile=false&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&measurable=true&bids[0][bidId]=42bf650f59109f7&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&bids[1][bidId]=437d8e7afe43d2e&bids[1][config][property]=5c3404d83e048a00261ad27f&bids[1][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&bids[1][sizes][0][width]=728&bids[1][sizes][0][height]=90&bids[1][sizes][1][width]=970&bids[1][sizes][1][height]=90&bids[1][sizes][2][width]=970&bids[1][sizes][2][height]=250&bids[2][bidId]=44f7fa7bafc848a&bids[2][config][property]=5c3404d83e048a00261ad27f&bids[2][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_1&bids[2][sizes][0][width]=300&bids[2][sizes][0][height]=250&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=600&bids[3][bidId]=451bdc29e0b3bb8&bids[3][config][property]=5c3404d83e048a00261ad27f&bids[3][config][zone]=bleepingcomputer_728x90_320x50_InContent_1&bids[3][sizes][0][width]=728&bids[3][sizes][0][height]=90&bids[4][bidId]=46c42ace5019d41&bids[4][config][property]=5c3404d83e048a00261ad27f&bids[4][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_3&bids[4][sizes][0][width]=300&bids[4][sizes][0][height]=250&bids[4][sizes][1][width]=300&bids[4][sizes][1][height]=600&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
249193c3827d0fb6e4646050b7491f0955be7f7194a496c3e894d71119740a67

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
status
200
x-powered-by
Express
etag
"-1728702279"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
arj
freestar-d.openx.net/w/1.0/ 		174 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=2cbabe33-20eb-4691-9c33-a2ce14b7b4ba%2Cf76e162e-82d8-44df-8931-d15780d17c38%2C34bf892d-4c79-403e-a598-af81781bec4c%2C3091ddf0-240b-4ae6-a462-3c419a398909%2C2d600d9e-fe90-4fe1-9b63-03def385c13f&nocache=1574781592956&x_gdpr_f=1&pubcid=d0e13832-2ba0-47e3-842e-fdfec6ec23b7&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
4417f5df74ddb9f8e4f37efb96e9275072ed0fe7fc59dc422203eb6f18030be2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		25 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%226557d313ff32436%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22663aaa6a0893601%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2267073a82d4879b2%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22686280debe20515%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2269a2803b8e74aa4%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2270271179ce23f9a%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2271807be60bd5cd1%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2272d065feee1e657%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%227312e6ac85f138b%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%2274368203e802618%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2275bcb74531a7f0c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2276fcae98ed3736%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5a185dc6e1bc9d4465e26a1c41df9cbf2fa8982c3c873c7b5c49c9b9dc201e76

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Tue, 26 Nov 2019 15:19:53 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=789c384c000c595&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=79ed6ce62388c42&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=80458b2c69bf7db&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=810c046d49c7e6c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=822b22dcc55b724&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=836132768c29a93&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=847d0dfa6e3aea6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=854e8ae4a56acc8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=8622170e2320127&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=875545a273b0fd6&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=88f282ef0ba0f1c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=89c943ecdd09e4f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=903479281f706c3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=912215cfbe5eebd&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v2
i.connectad.io/api/ 		188 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9174 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
288651393313df9a06c79020f0c8c81da40f1fdec7bcadc5a323290c33153dca

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
53bcd7dc9fe55976-VIE
content-type
application/json
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		611 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
846a89a05b2cc88c9a49778ca03205dd9711fc6a1ca97d3719fa1b966b4ed0d4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3aa1d2dd-861c-4f99-babd-083f26a01e6a
Server
nginx/1.13.4
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		37 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
d483fbfc12cb1c539c26c9bb0c64ee971bbaaff41e5afba77caf5f2c80d429cb

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Tue, 26 Nov 2019 15:19:53 GMT
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.36.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12, 12
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		100 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1448605548268930&correlator=1017314897163186&output=ldjh&impl=fifs&adsid=NT&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1574616885&dt=1574781593042&dlt=1574781590265&idt=1385&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C268%2C800%2C1082&adys=146%2C5131%2C327%2C3700%2C5637%2C1391&adks=960084856%2C976516616%2C771041174%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&dssz=55&icsg=703687617945600&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C834x90%7C1600x5638%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&fws=4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f0529cc7165f04b9d0d90eba1650ab32f1b8ffc911dc3c5b45b959b4784abaa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15664
x-xss-protection
0
google-lineitem-id
-1,-2,-1,-2,4893662829,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1,-2,138254592126,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111801.js
securepubads.g.doubleclick.net/gpt/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
sffe /
Resource Hash
23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Nov 2019 14:07:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25219
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:53 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
v1
dmx.districtm.io/b/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7dcfea6beba-FRA
access-control-allow-headers
origin, content-type
bc2
bc-rtb-dub.springserve.com/ Frame 0BA3 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=863d24ea-48c8-4730-b4ae-e15eeb4ba45d-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:53 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=15...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A3223e978-1060-11ea-beba-12244f280cb6;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1355d426a2a74ac1;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
c86030d5bc831b022c436556681fafb5e98c647d3df39333bd5cccb478db090b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A322407f0-1060-11ea-847b-1279d50753f0;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=13893eaceff5f078;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
0e0f8d99bded628c036cbbe528726ac88dcc4ab85597e36bb926c2f61488a48e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A322405de-1060-11ea-bfcc-12e650fea264;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=1378a3199620e992;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
33d2b8e46bcf65d2550434523b2166ae01524267009f02197aa54fd9dedb07b7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=13417a9dface4a1e;misc=1574781592957
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
8bbc6b45b69f6e51a25a0444d4d9dd0bfa24ad608ec5cb2addcdfe6239c72e28

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A32241128-1060-11ea-b647-121c10c2940c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1438a11ec487c2d3;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
4ad7e831f90fbcb22313b27afe3ab546fb79bf3c7b0c39ea73d8ad0ed1ba78b8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32241c7c-1060-11ea-9a52-12d2f833f2cc;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1366674a2593e657;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
ddbb0c0602f72da31f211dbfdef948d03ddfb077f1e08d8ea27278ba12e4edc2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32244d8c-1060-11ea-8442-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=139770658ddba071;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
6bfc1fe25171678703ff41c6bc38a275a4b2d50b1c0875a73b57c062e100c22d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A322442ec-1060-11ea-bcd5-127f7115e3c4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=14041b6bd4ab4b2;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
d83452998b9ea08e11d7aa2890d6df04397a0709fb15555c9f6c8ae1a03d4835

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224008e-1060-11ea-b12e-1248c7260bf4;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1412b34443b0975c;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
b1839488116b4abfd1e3cae794644fb9e5a1f1c9639a1010d2e5017be7a08131

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A3224546c-1060-11ea-b73b-12d220623a1c;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=1447564c0f4dd858;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
9b25663f92420c3fca13e2ac5f616172ab535f9a40a9c2b76201e7cb9d996d3f

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A32248f40-1060-11ea-97f5-120b32d93760;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=142851be9df324bc;misc=1574781592958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
c3cd2ba844c17ac117988136c03c23ffc741f87851a38e02aa0eed47897ab729

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
i
vid-io.springserve.com/vd/ Frame 0BA3 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=863d24ea&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame C779 		48 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=0aeb2a04bd2ef72791711574781593456&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
48
expires
Mon, 26 Jul 1997 05:00:00 GMT
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c6992139579970191b8ccdc3a4737451fff363b6e6eb8c80685ab2695e503e4f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
912
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011911070201440/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7279
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7132
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 13:18:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"796f98bb73f13f89"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 13:18:34 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame 3560 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
8712
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55611
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 12:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c4309c2c9fce1d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 12:54:41 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3560 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20064
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5592
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9ac5c138bfec1b90"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:45:29 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3560 		151 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
11601
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41358
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 12:06:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ed96f4a845755c74"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 12:06:32 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3560 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20036
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1402
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:45:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"49ed1549bef9ee2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:45:57 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 3560 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20028
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14180
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"15a9b640489a7720"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:46:05 GMT
css
fonts.googleapis.com/ Frame 3560 		4 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:19:53 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 26 Nov 2019 15:19:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:53 GMT
css
fonts.googleapis.com/ Frame 3560 		4 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:19:53 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 26 Nov 2019 15:19:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:53 GMT
truncated
/ Frame 3560 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
806078b99ac2e973dd30e1112251e73c963f67c8015c27af40b73426ebf665f0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&pid=gzkZljeiW6Far&cb=1&ws=1600x1200&v=7.44.02&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
m-_clslHsCwlYHPEWlADwhBy-SHEdYoeWyqISw1tELF6uUs_QgAyVg==
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.36.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-auction-status
12, 12, 12, 12
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=160cdded866aee77&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=16174fd23e7386b2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=162ba0c46065fc21&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
arj
freestar-d.openx.net/w/1.0/ 		173 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=5b526744-8ffe-4108-a184-d0cb3b5a4362&nocache=1574781593597&x_gdpr_f=1&pubcid=d0e13832-2ba0-47e3-842e-fdfec6ec23b7&aus=728x90%2C970x90%2C970x250&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
0bfc0b3c10e61b72ae2840e06203795fdbbcd9c71d319373139ee59a8f0290d2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
173
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5a90232ad413139dc68f4450c60790a23768e401274b54ecc08323b0affd7266
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.25:80
AN-X-Request-Uuid
789ba729-88a1-4947-a244-6dbc098b3dc0
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=5b526744-8ffe-4108-a184-d0cb3b5a4362&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8572698086876989
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
8bbb08239fe3caae49948806a937efa2b7f89ea87f05fc5e7868fe64a2cd64a1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=415
Content-Length
1524
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=194105b7cfeb688d;misc=1574781593602;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=194105b7cfeb688d;misc=1574781593602;
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
6ea6d9943fa4e53b8fb94ac625cc55585d53f2f0ab7be659f8243fd7b75771b0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=195c136a614376f7;misc=1574781593602;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=195c136a614376f7;misc=1574781593602;
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
18a85343466642ec57a184aaf7ddf7b1ff8939198bdbbb6d22ee91f00bb16812

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=196ec694e7a09f82;misc=1574781593602;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 		943 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=196ec694e7a09f82;misc=1574781593602;
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
2cbf1729776f2bc7881907cec24496cbd1400eabc4ce25ee34fcf6ac12da1ad0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/json
content-length
943
expires
Mon, 15 Jun 1998 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 26 Nov 2019 15:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
ac19cd27d0df72c5ce07f3bcc9330caa63ce10a0651791a0bb5e2dd0953dcf70
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.252:80
AN-X-Request-Uuid
db2b1277-2606-4a60-a167-0e2ff8b088bc
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
7955c0914dee7450ad60cc58dd8240e98537d8ece40b9b68023bd747998974d1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
v2
i.connectad.io/api/ 		97 B
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9174 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
feb00c371b08777227888978a718fb8cec317184cbdbd263c1fd58cc73919137

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
53bcd7e01a045976-VIE
content-type
application/json
via
1.1 google
v1
dmx.districtm.io/b/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.bleepingcomputer.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e01ba1c295-FRA
access-control-allow-headers
origin, content-type
imp
g2.gumgum.com/hbid/ 		123 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6e5f1bf6-6515-41ee-a758-2c72a959cbca&si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6e5f1bf6-6515-41ee-a758-2c72a959cbca&si=14288&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-60&buster=1574781593605&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&measurable=true&bids[0][bidId]=189217a58358190d&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[0][sizes][2][width]=970&bids[0][sizes][2][height]=250&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
249193c3827d0fb6e4646050b7491f0955be7f7194a496c3e894d71119740a67

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
status
200
x-powered-by
Express
etag
"-1728702279"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
cygnus
as-sec.casalemedia.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22190bd774ae338ab6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221914bb497af7396a%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%221920f14e5f3ae879%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%22193b47607e1acafd%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1c3850c30b0caf90190a6959e82a1c4ffa3b6eb5d8ff5d2d733e23fd4e77db6e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1011
Expires
Tue, 26 Nov 2019 15:19:53 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17831236470380784658/ Frame 3560 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17831236470380784658/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qkzSwaSYYwgNB1A8sZgdprQegJP2w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7c5038506dacbcd8a117352de3409a7842ea9ee27c00f8f3d7ac28e469d58b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 23:27:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 Nov 2019 10:53:14 GMT
server
sffe
age
489138
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
31946
x-xss-protection
0
expires
Thu, 19 Nov 2020 23:27:35 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6105328926431293641/ Frame 3560 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6105328926431293641/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlX4eO4QUclkNlRWvdTSo1kwFaGfQ
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
501196b547ac8238761fa5144f51baa4a7c995546f358564e91ea100bd30c805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 04:06:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 12:11:11 GMT
server
sffe
age
385984
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27362
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:06:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3560 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cwf5XmULdXfnoCYSVgAe2pYHgC8iOlJpa797agNsKyrqM8b4BEAEg2tfFOWCVAqABk7SQ4wPIAQapAhFjhk5ReLI-4AIAqAMByAMKqgTCAk_Q284ANBKN14EXcjjJ92_zSSmDbqY9VqBKoZZL98F7r8vCRUNmpKmofzmEpu8j866jvkc4G6-yZlHx67Jjr6gCJ1JUPrXlj0iue8cdmWePeqYEHhmt149flLFoUyEu0xhp8y5dolWIqBHLx3knUAtyG1MLRm4h4uglqzNd9NH-NDdsmJiYUsWN7gL89Py_Ws0yVt9cxpACkBidPMCSVMDCQr0SRmsblzTAs5H0uhTx0OhW2-2Lpq6BcpSNrougqkKKgDAEOArPQpnl6KWnsDFUoBh5CfhqexkpDxdT-jMFOgKyslZKeIjd6dmeiwmYZzsGZ81x8MB9Lk69eGcgHqytrTkuOR9lHcwDVqHyHQ6lE4GBPdOPjVgKubh43DTv8QrzIhI0Gj9Fj_YigRJIOhqgig0ExpAC4VkI2lVcHNpn4kvABO3IqqW3AuAEAaAGN4AH1cvvHKgHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDfrA_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwOIFAQ&sigh=tx-TTy57a7Q&template_id=492&tpd=AGWhJmtKZ9-l8-12NTQdAnZlzhCYqdEVXpXPJfyV2GNZHg78iw
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3560 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
56771
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 26 Nov 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3560 		295 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
62792
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 26 Nov 2019 21:53:21 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011911070201440/ Frame DE52 		200 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
8712
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55611
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 12:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c4309c2c9fce1d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 12:54:41 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame DE52 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20064
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5592
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9ac5c138bfec1b90"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:45:29 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame DE52 		151 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
11601
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41358
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 12:06:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ed96f4a845755c74"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 12:06:32 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame DE52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20036
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1402
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:45:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"49ed1549bef9ee2d"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:45:57 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011911070201440/v0/ Frame DE52 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
20028
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14180
x-xss-protection
0
server
sffe
date
Tue, 26 Nov 2019 09:46:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"15a9b640489a7720"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Nov 2020 09:46:05 GMT
css
fonts.googleapis.com/ Frame DE52 		4 KB
631 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 26 Nov 2019 15:19:53 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 26 Nov 2019 15:19:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE52 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
56771
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 26 Nov 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE52 		295 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
62792
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 26 Nov 2019 21:53:21 GMT
truncated
/ Frame DE52 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b4afeef55fb756ea98174b77c46fccfa648e9765e97acdae77c47bb662f645c

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&pid=yNkAIZ5sOOIte&cb=2&ws=1600x1200&v=7.44.02&t=1000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
K5-SfvmfELP73_1ywYy7R_OErpG9wkDy9eZk2DrRfV_UOLiafCl5CA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&pid=Guy7E8ROp5C3X&cb=3&ws=1600x1200&v=7.44.02&t=1000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C2
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
3qMDwwyGtoVmS_c3GFTMVW2GKp1IXIhsci5zOodJ5cEDuMFkUaTdaA==
view
securepubads.g.doubleclick.net/pcs/ Frame F613 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR7r33mMVi62EjbzQkHeC8SCjUuVa2NkK8vN3PV2ZP_mWwKw92rJVRKvLlUuazCWBR18N-xcRP-knj1hbVi4itrI5CCh_Q-B3ARjm4WKmdxTNb7cOgkTG4isiES35jbWN8hz2uQn0yhMjy7pkQohMu-f-brscBeHdG6cilQSk_9DArbmyHJ1QPXsb3HKZNketkQXQQ7oEzMbOXk-9Lc6pt7LPyN62hOBwWKSzH9IJ_tzhdZf-wYVIVhdF-Fkf_Khbl2xMI-BvsWIQ9w04mXc8tQKgRg4eW0zwj&sig=Cg0ArKJSzMGA63Aqt2AgEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Nov 2019 15:19:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F613 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:53 GMT
l
www.google.com/ads/measurement/ Frame DE52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRp2yu5hQzbEgWlQBH0nmSYTc6tSmz2MFATqthwBnXzOtTJiJF4EEKkHdyFyJpFyr2tZH2xoE0cLdgCNRHYe5K43UINA
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
B22124189.254854372;dc_pre=CLTW9MuWiOYCFc2rewods7kDDw;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame DE52
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_pre=CLTW9MuWiOYCFc2rewods7kDDw;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_ch...
42 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_pre=CLTW9MuWiOYCFc2rewods7kDDw;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.134 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f134.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.254854372;dc_pre=CLTW9MuWiOYCFc2rewods7kDDw;dc_trk_aid=454091777;dc_trk_cid=123175425;ord=2989050072;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DE52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzadLmULdXfvsCYSVgAe2pYHgC-PP9Z5ahPiO2aoKv-EeEAEgx4P8AWCVAqAB0vjL4gPIAQHgAgCoAwHIAwqqBMMCT9CGCQ70zWnRYJ5b2gOBA_JF46wwf-Xutriyg0wThjxwTULlhESw2QdypSvg1OuCEhOtQALkWptvQIn41C53e5Mygc9Vdhy9c-L3LoPP6aZ1Kuef5zV_iyODrp9wSTuMX9MUbM7V3VKRP2TIuK_-QUJ0Y2l9cvimMYDdUmZ1onk_XNcecCDQUrduj9Ovpohc-WmYqux8Pt-w9sUycHjRriyqyay4j7_lMW5-bWwMrfqE6xOr2R1tY1gZx7rqYePhoGQgbG6he3fn1Bx4fsR0btjoI-La9Q2H0qzVWd47LniC5YQpRVJmH85VwYp4d-5PjDBP2CBJsCO_G6wumtR3QzzCbFMFW-XyD4lnUws33BwBMSZ8L1MpT4YUzf0QQdY_vBPlGjNK-ItNznqInjIn2L6zrDX14R3IJQ7xN7xOHJswqgrABLyM-PyGAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDWiw3SCAkIgOGAEBABGB2ACgHYEwM&sigh=xIS0EBND2FI&tpd=AGWhJmtbSZNe7rlUCLREQDmfZRYqQJt_mqwkdrlrSuF7gRWB1w
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=634f3054-2128-41b1-b138-5a6df0d4c24e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9003688347497936
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7a12f0eee52a176cb64f3bdb63b2784787e195bf5010155d4f64c298841026a1

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=396
Content-Length
1507
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.36.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-auction-status
12
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=205dd2ef5e28c66c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=20661fbae34e65a7&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
ADTECH;v=2;cmd=bid;cors=yes;alias=271ce0e65e0c2e61;misc=1574781593663;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=271ce0e65e0c2e61;misc=1574781593663;
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
256b50a209001533a8a275b36caa7a9fe3c273f26304a421d91c5ae3394d6c49

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-60&buster=1574781593663&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&measurable=true&bids[0][bidId]=2107e5092e14ba0e&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_728x90_320x50_InContent_1&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
249193c3827d0fb6e4646050b7491f0955be7f7194a496c3e894d71119740a67

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
status
200
x-powered-by
Express
etag
"-1728702279"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
6175f1f2e554b22ae23db1515c988e1ec80909097272052dfa938e3641d901ed

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
translator
hbopenbid.pubmatic.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Tue, 26 Nov 2019 15:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.bleepingcomputer.com
prebid
ib.adnxs.com/ut/v3/ 		140 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
48f9e523c2f6b847b2cabf311c8ae090a21acffdc8e838ad990cddd3c8a43741
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.120:80
AN-X-Request-Uuid
8509a91a-f142-4211-8b7b-a5516bb68de5
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		26 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%222174b3402b158edd%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22218aec80abd3883f%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1022f23a95a6bf4f7fdbea9dd91e0e85a9c0a437c460ee27e43a81e65522f1a7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
46
Expires
Tue, 26 Nov 2019 15:19:53 GMT
v2
i.connectad.io/api/ 		97 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9174 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6391d747f867408f4a197c27abbd9b1cba213a5455f808a83e28cc02b7010ae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
53bcd7e07a605976-VIE
content-type
application/json
via
1.1 google
arj
freestar-d.openx.net/w/1.0/ 		173 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=634f3054-2128-41b1-b138-5a6df0d4c24e&nocache=1574781593673&x_gdpr_f=1&pubcid=d0e13832-2ba0-47e3-842e-fdfec6ec23b7&aus=728x90&divIds=bleepingcomputer_728x90_320x50_InContent_1&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
d7350344f13299c5afa6659905e3333c67ff3c0e427694fee3b877ab9bbf5bce

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
173
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		123 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6e5f1bf6-6515-41ee-a758-2c72a959cbca&si=14287&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5c67aed7670e5089c27840eb75fc349ac508111708d933388a80253192d079df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.234:80
AN-X-Request-Uuid
bf65b492-be09-4ed9-a031-e9dc240a52a4
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.bleepingcomputer.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e07cb3c295-FRA
access-control-allow-headers
origin, content-type
v1
dmx.districtm.io/b/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e09be3beba-FRA
access-control-allow-headers
origin, content-type
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3560 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
555249
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3560 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
401714
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DE52 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.bleepingcomputer.com

Response headers

date
Thu, 21 Nov 2019 23:44:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
401714
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 20 Nov 2020 23:44:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame DE52 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.bleepingcomputer.com

Response headers

date
Wed, 20 Nov 2019 05:05:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
555249
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 19 Nov 2020 05:05:44 GMT
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e0fc46beba-FRA
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		257 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tk_flint=pbjs_lite_v2.36.0&x_source.tid=0aadcc8a-20e0-4ab9-9023-dc59104b525f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.38230731205468893
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
d60eed120f3d03e477e8d7a5281069d4a31b32e5abecf1c8318dcd360ddeba3e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=393
Content-Length
257
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
i.connectad.io/api/ 		97 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9174 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
322b0c2fa4ec751df4ea5244d4245d6ff9f05735f0d873ee55ab60e50aa5c1dd

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
clear
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
53bcd7e11ad05976-VIE
content-type
application/json
via
1.1 google
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		194 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
ae6d664511820e43f58c2364d402d7d88d21e490f789d2660d65c1c1b9456ed7

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
200
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
194
expires
0
translator
hbopenbid.pubmatic.com/ 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
18522624c3465128e0d871a716cd3315955ffefc6a0acb9eb16dd06c09450dae

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
date
Tue, 26 Nov 2019 15:19:54 GMT
content-type
application/json
auction
tlx.3lift.com/header/ 		19 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=2.36.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&tmax=1200
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.206.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-206-192.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
x-auction-status
12, 12, 12, 12
status
200
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=247a83a169611999&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=2487ec80b0b44af1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=249c1cc522e7c49a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=2.36.0&strVersion=3.1.0&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.1.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-1-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
imp
g2.gumgum.com/hbid/ 		0
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6e5f1bf6-6515-41ee-a758-2c72a959cbca&t=zztu1szx&pi=2&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
204
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		123 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?pv=6e5f1bf6-6515-41ee-a758-2c72a959cbca&si=14290&pi=3&gdprApplies=0&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ns=10240&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.34.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-34-242.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
server
nginx
status
200
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
v1
dmx.districtm.io/b/ 		0
40 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
POST
Origin
https://www.bleepingcomputer.com
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.bleepingcomputer.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
status
204
access-control-max-age
14400
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e11e2fc295-FRA
access-control-allow-headers
origin, content-type
arj
freestar-d.openx.net/w/1.0/ 		174 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=0aadcc8a-20e0-4ab9-9023-dc59104b525f&nocache=1574781593775&x_gdpr_f=1&pubcid=d0e13832-2ba0-47e3-842e-fdfec6ec23b7&aus=300x250%2C300x600&divIds=bleepingcomputer_300x250_300x600_160x600_Right_3&auid=539181725&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
5dd783144574bd34ebe437cdaef2aebfab1803db65134ad55ef8906da78edc7b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
via
1.1 google
server
OXGW/16.167.2
status
200
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
174
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
94b564eb561a1831342eadd34c97751a75353a6f4f46920b99072d3918e55923
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid
26ac3793-2fd0-4e21-a81c-25646bb84eb9
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-60&buster=1574781593776&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&measurable=true&bids[0][bidId]=2602993739779d7c&bids[0][config][property]=5c3404d83e048a00261ad27f&bids[0][config][zone]=bleepingcomputer_300x250_300x600_160x600_Right_3&bids[0][sizes][0][width]=300&bids[0][sizes][0][height]=250&bids[0][sizes][1][width]=300&bids[0][sizes][1][height]=600&property=5c3404d83e048a00261ad27f&foo
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash
249193c3827d0fb6e4646050b7491f0955be7f7194a496c3e894d71119740a67

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
status
200
x-powered-by
Express
etag
"-1728702279"
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
/
hb.emxdgt.com/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1574781593777&src=pbjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		26 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%222666616c007c4bc9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2226773828b97ff4d1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22268b2cbb94ebff01%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70ac0b55040fc7ec03f8d817383cb6d7ee01acc3582b60f163f35fa9c540e61c

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:53 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Tue, 26 Nov 2019 15:19:53 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
d9b1994b724c80fe16153005ecb0d6e7644d8466088af4f96fb76d3230415125
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid
55985366-72b2-4cc2-8d72-7c1f9289c6c7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
c.pub.network/ 		36 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
58.36.226.35.bc.googleusercontent.com
Software
/
Resource Hash
d24aa150c8e684dc61526472cb0f821d6fe952ec5b0713ee4d6fa7697d27d608

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:53 GMT
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
36
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain;charset=utf-8
v1
dmx.districtm.io/b/ 		0
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
53bcd7e1bd5dbeba-FRA
access-control-allow-headers
origin, content-type
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3560
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Tue, 26 Nov 2019 15:19:53 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DE52
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Tue, 26 Nov 2019 15:19:53 GMT
x-content-type-options
nosniff
server
safe
location
https://googleads.g.doubleclick.net/pagead/drt/si
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=15...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;cfp=1;rndc=1574781592;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:53 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1448605548268930&correlator=1017314897163186&output=ldjh&impl=fifs&adsid=NT&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864%2C8%3A67108864&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=15184186%2Cbleepingcomputer_728x90_320x50_InContent_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D27357d6ac2a79afa%26hb_bidder%3Drubicon&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1574616885&dt=1574781593908&dlt=1574781590265&idt=1385&frm=20&biw=1600&bih=1200&oid=3&adxs=268&adys=3860&adks=4047242158&ucis=7&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&dssz=54&icsg=703687617945600&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=834x90&msz=834x90&psts=AA2WTGPNxr0CeNnB2GY4q-ltPz59%2CAA2WTGP-rCwpT_WXvV0t9Uxs4Oric2m8Gvd6pzI6WXMzRFsMBDq1CGTMgcqfR_jyWD6-ftkDlCL8AYkRjCGq%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e5217e9f4eabe859d6c69662fc025af50029c4b371dc2aea3f9c19a4d1a600a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2210
x-xss-protection
0
google-lineitem-id
4721361505
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237452898
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17831236470380784658/ Frame 3560 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17831236470380784658/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qkzSwaSYYwgNB1A8sZgdprQegJP2w
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7c5038506dacbcd8a117352de3409a7842ea9ee27c00f8f3d7ac28e469d58b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 23:27:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 Nov 2019 10:53:14 GMT
server
sffe
age
489138
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
31946
x-xss-protection
0
expires
Thu, 19 Nov 2020 23:27:35 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6105328926431293641/ Frame 3560 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6105328926431293641/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qlX4eO4QUclkNlRWvdTSo1kwFaGfQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
501196b547ac8238761fa5144f51baa4a7c995546f358564e91ea100bd30c805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 Nov 2019 04:06:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 07 Nov 2019 12:11:11 GMT
server
sffe
age
385984
content-type
image/png
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27362
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:06:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3560 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
56771
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 26 Nov 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3560 		295 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
62792
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 26 Nov 2019 21:53:21 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE52 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 23:33:42 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
56771
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 26 Nov 2019 23:33:42 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DE52 		295 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 Nov 2019 21:53:21 GMT
x-content-type-options
nosniff
content-type
image/png
server
cafe
age
62792
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 26 Nov 2019 21:53:21 GMT
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 87B2 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:53 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781593.dop036.fr8.t,1574781593.cds109.fr8.hn,1574781593.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294858
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 87B2 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 04:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40206
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
046F19794F1C89E4
x-amz-id-2
rwuCqqVkGCiGHUSLNJpnZIe/zkpm+7AlPbiwXfvk+iXX+eSnoX7UjRPVXlvo8A0oi0OxZDIO4oE=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 		944 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;apid=1A3290780e-1060-11ea-8daf-1200a56dfbc2;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=27564ab203cb0c5;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
1aff0b32a17911d706614827315e3d38bebe9f86f340d54ec9b9ca9c7306ac53

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
944
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 		945 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;apid=1A329053b0-1060-11ea-a62f-12f0dd10f918;cfp=1;rndc=1574781593;v=2;cmd=bid;cors=yes;alias=2764459048259848;misc=1574781593777
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
2c38c6bd5dce47e84473fcd67e19153d498735d14c8f48596ee00f59d7633ba2

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
945
expires
Mon, 15 Jun 1998 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1448605548268930&correlator=1017314897163186&output=ldjh&impl=fifs&adsid=NT&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864%2C8%3A67108864&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Dix_970x90%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.12%26hb_adid%3D2741b2d9b803ecad%26hb_bidder%3Dix&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1574616885&dt=1574781594011&dlt=1574781590265&idt=1385&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=5291&adks=976516616&ucis=8&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&dssz=54&icsg=703687617945600&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x90&msz=1170x90&psts=AA2WTGP-rCwpT_WXvV0t9Uxs4Oric2m8Gvd6pzI6WXMzRFsMBDq1CGTMgcqfR_jyWD6-ftkDlCL8AYkRjCGq%2CAA2WTGPNxr0CeNnB2GY4q-ltPz59&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5798dd3098256f9afde472fbdd2e24ef68ec0e5e3262d0e194ec24ae93b0b1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2430
x-xss-protection
0
google-lineitem-id
4721361520
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237496046
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ima3vpaid.appspot.com/ Frame 87B2 		1 KB
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781593560%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781593560&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3110422f30b8614d3f5af530b0c24ac6c67b7429219795176cbfeb147c92312e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
917dfbadee28095ba790fb8175bdb1e2
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 50AD 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781593560%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781593560&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1448605548268930&correlator=1017314897163186&output=ldjh&impl=fifs&adsid=NT&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A67108864%2C2%3A67108864%2C8%3A67108864&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=15184186%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&rcs=1&prev_scp=amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Dpubmatic_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D1494a1c8083561e4%26hb_bidder%3Dpubmatic&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1574616885&dt=1574781594165&dlt=1574781590265&idt=1385&frm=20&biw=1600&bih=1200&oid=3&adxs=1082&adys=1901&adks=523518761&ucis=9&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&dssz=54&icsg=703687617945600&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=306x250&msz=306x250&psts=AA2WTGP-rCwpT_WXvV0t9Uxs4Oric2m8Gvd6pzI6WXMzRFsMBDq1CGTMgcqfR_jyWD6-ftkDlCL8AYkRjCGq&ga_vid=2081853526.1574781591&ga_sid=1574781591&ga_hid=1714546185&fws=516&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
85e679f1871bb9aab4087c7aa64555fe123cdb60b009ef4b3c1815b31e1ce21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2389
x-xss-protection
0
google-lineitem-id
4721360848
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138237452352
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 50AD 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781593560%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781593560&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGng0NEP65r2hmNXWpomwidk3Dztjh3jfW0OZJFqzbmjFD2uEGIBDtdPUwxQuyErXyjl_uEm_tDahtL6-lxPXOMgcQl0BJ53xZHPt6RLemuBNSyA6k_9qKLCqkufAVdJBdK7gkJ0J7FRKKzESEm7BLFBaV8Ge3tJjyba_0MKsEgHmcJJjBZcidZnKu1U-CHYG5hK4gdXCpxGThQBvg3kB_kqKTHKcBKeKhL6oM7TgQr3xveYBW7sbAdZ_PfkPH_ZjFLLhNm1xh7K4fw2SZzc11K2HWsgLDJdspY_3jV2ebYADe7DpZTF232MK3bC3A&sai=AMfl-YTe4HrR8ywsFtIXeIftRW40YUocfqCDY5sIF1f_ke5irOtJ8cp2uPr7InuEfqBbtW7t0MJebZTQ554rmFqCLkaoZRX7Js-briIHhmcYig&sig=Cg0ArKJSzOojqmB0zOdhEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Nov 2019 15:19:54 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
/
track.adform.net/adfscript/ Frame EAF6 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=32050304;rtbwp=CF3C904FD9876181;rtbdata=XByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/06db5550-9730-4f66-a918-1bbfbd5a28ec/
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
08123daa43836577b0d5f4ed597d5be71da6a8e67d7ac40d3c705499246a1646

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
10086
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame EAF6 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
06db5550-9730-4f66-a918-1bbfbd5a28ec
beacon-eu2.rubiconproject.com/beacon/d/ Frame EAF6 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/06db5550-9730-4f66-a918-1bbfbd5a28ec?oo=0&accountId=16924&siteId=151312&zoneId=1006006&sizeId=2&e=6A1E40E384DA563BE706C790BC4153AFA467852D99596E5265424C15FE9A1139986C09A515DF0DDBA2ACE7F6882EC2946D748C0D8D7FAA226944474DCCC45EC186AA05D74CED0E8549E9BBA2284AD5937C34702E12ABB9E21E25E8341F736329E3DC45B387162FB3EFF5C7CFD889081A2DB549014BEA36608943A5A56B0F04485FC00A7229830933B63B40195F45A139C906E3D99347F00CE88D14A8E282D0F94F78733E19FCD36DA75CC485AB8E128F2AFB43BBB3DFA9055AA50200B62D2F61F39531F473F6F0CEAF3E6FC487B256AD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:54 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame EAF6 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=32050304;rtbwp=CF3C904FD9876181;rtbdata=XByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/06db5550-9730-4f66-a918-1bbfbd5a28ec/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Wed, 27 Nov 2019 18:47:10 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 115A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345058
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 50AD 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
integrator.js
adservice.google.com/adsid/ Frame 50AD 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
/
track.adform.net/wpf/v2/kta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame EAF6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/kta44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnetv_0zIpBSK4B65wuaDeyjaY2ftckuyPBDjaY2.rIN87gq1a_2Ap9Qg4F3rAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiMhU.0Y.KI0Hb9.RcWqrT4yMgzB6rgPuVr914VecL57GY5BNv_uY5BNkOmqw0GY5aw7vrNidNc1lF4XVA4.L9.gJ0Nc0KXV4.hL9.KHpNc5jaYZtNc5jaYZtNc3eielF1VLf4.ATjV.70V/adfserve/?CC=1&bn=32050304;rtbwp=CF3C904FD9876181;rtbdata=XByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f06db5550-9730-4f66-a918-1bbfbd5a28ec%2f;js=1;adfxid=1x;3391;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=2|2&CREFURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0bd7a9131b6eb7b7a245c266da71593e9e46c23a2e59483cd96f7b906fb9cfa9

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2858
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 9F21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIyOeoJllLKynciBQFBsySXFn0UgXdCO7lVpjvL984CqJwZBn8D6705LJR8MVCcvUBb9rq3sEAsA5FQvZIHpqbSB0ov_WCMQq9nOU2ntEQW4fNl8LJE4o5faIfdFODuV4be35aAkf3D23qIV-ShaFMHYZ5iI_SlSGmiWOVZtZLadkGdYly97LhkeyxOmQoBu2hcoRKMhpI3EmrzcbHhAY1pVElMt68OPCFWVljT09G-Jr-_2vkKf16I8FkJOpbwaFU1Ym0o5PoEylpwfmq3Q5QUqPNyqWbN04Fwar0mK9D4LacjCHIWxlNOGZVwz8FbHQaczkxAw&sai=AMfl-YQ3hMxA3mJj9aFGC-d24W2SKyeQZSbchTHhHeExnia7SuXYjCxlDEyYTTIJePI_8iWOwWOYjRc5srzM_CooLJWKCU48j2t55kBnFp30&sig=Cg0ArKJSzP0T8lsKtuczEAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Nov 2019 15:19:54 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
Cookie set ifnotify
a3226.casalemedia.com/ Frame 1A04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1323445&r=DE09D07F&t=5DDD4299&u=WGQxQ21ibFFKc01BQUctTElka0FBQUVX&m=fccb7995cb8e608ee4db3df4c7563ba4&wp=11&aid=85E9D6464D6F786F&tid=15063&s=6015A&cp=0.17&n=www.bleepingcomputer.com&pr=xx&epr=190bd774ae338ab6
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3226.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Set-Cookie
CMST=Xd1Cml3dQpoA;domain=casalemedia.com;path=/;expires=Wed, 27 Nov 2019 15:19:54 GMT CMDD=;domain=casalemedia.com;path=/;expires=Wed, 27 Nov 2019 15:19:54 GMT
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
js
tags.mathtag.com/notify/ Frame 9F21 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTmpZeVlqRTBZamt0WTJGaU55MHhZVEU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3OTI2MzEyNjgyMjU1ODMwMDEvNjg2NDA2Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeFpjdzRBWEhrTE1SaXRwZ1ZwUThVUUUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM3OTI2MzEyNjgyMjU1ODMwMDEvenJoLzAvMjczMC82OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzQ3ODE1OTMv/JuiGbhytcYxALFf7z7GPossWUjk&nodeid=722&auctionid=3792631268225583001&exch=cas&sid=4802372&cid=6864062&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.160.0 /
Resource Hash
fbc9d2cd46d0907850eb41c367778541b469ada82a65d7698ea256ca25bcd3ca

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1574781593
Last-Modified
Tue, 26 Nov 2019 15:19:53 GMT
Server
MMBD/3.160.0
x-mm-latency
2 (2)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
count
Cache-Control
no-cache
x-mm-host
zrh-router-x40, zrh-bidder-x75
Connection
close
x-mm-pending-bid-state
eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOnRydWUsIlBCU3RhdGUiOiJXaW4iLCJEdXBOb3RpZnkiOmZhbHNlLCJCaWRDbGFpbWVkIjpmYWxzZSwiUEJTV29ya2VkIjpmYWxzZSwiUEJTV2luUGF5bG9hZCI6IiJ9
Content-Type
application/x-javascript; charset=UTF-8
Expires
Tue, 26 Nov 2019 15:19:53 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 9F21 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
fxpcopuw.js
ad4m.at/ Frame EAF6 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.94.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
1.94.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5f86b19dc3848bfa004bd0d83111e5e7ef15e6e0984c12802e12f1aaa2595846

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 14:31:35 GMT
content-encoding
gzip
age
2899
status
200
x-guploader-uploadid
AEnB2UoiPb9Gqb-ovX0wAH6nyAg5Qjeb4WlkNLdVwrhArnUZv6uZXoWmTRR0j3hyygU80u0Kj_9aKWjThIDAT66DK5xYi4Xa7Kl_eEkZxnHo7WAkO40G2oI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
12708
last-modified
Tue, 29 Oct 2019 16:57:52 GMT
server
UploadServer
etag
"37754afb8ad4ba10b6f70239256333a6"
x-goog-hash
crc32c=nVvt6g==, md5=N3VK+4rUuhC29wI5JWMzpg==
x-goog-generation
1572368272352073
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
12708
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Tue, 26 Nov 2019 15:31:35 GMT
/
track.adform.net/csimpr/ Frame EAF6 		35 B
420 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=32050304&csi=I0RubDYcl2vMLlxNIgoNYoRcgQRWte3v8KDCPSR-IFFNBB91lsK-cfNB3BGFtbz8RYvW2Twyv0Gs7A9yGzt-n2I2SaJEkJyXbuQ8anSF0XGcD_vjBU7LOQ2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
usync.html
eus.rubiconproject.com/ Frame DD03 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=26375
Expires
Tue, 26 Nov 2019 22:39:29 GMT
Date
Tue, 26 Nov 2019 15:19:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ Frame EAF6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dc6373c8601a2598028a5aed1162aa12427dad572d30889facbd42726ddf247

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
ThirdParty
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ Frame EAF6 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.181/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
last-modified
Fri, 15 Nov 2019 09:11:30 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Wed, 27 Nov 2019 18:09:59 GMT
frame.html
ad4m.at/ Frame 6B4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.94.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
1.94.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
x-guploader-uploadid
AEnB2UpZsnjwxXiEhwpCOObA8GoF76V9TDIa3ZGtsPnZ5Y8ZMRy1a_bT8kBbDdqszMe7OHb69uNgn_B00VkFNkZpHA_gwdtu9E0JmAGhN1EDTSYdlOq6fD8
date
Mon, 25 Nov 2019 17:03:44 GMT
expires
Tue, 26 Nov 2019 17:03:44 GMT
last-modified
Thu, 11 Oct 2018 08:50:29 GMT
etag
"ad2f98a9fd46a0250dabddf7805fe3d2"
x-goog-generation
1539247829792189
x-goog-metageneration
4
x-goog-stored-content-encoding
utf-8
x-goog-stored-content-length
1570
content-type
text/html
content-encoding
utf-8
content-language
en
x-goog-hash
crc32c=P/mrYg== md5=rS+Yqf1GoCUNq933gF/j0g==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
content-length
1570
server
UploadServer
cache-control
public, max-age=86400
age
80170
alt-svc
clear
view
securepubads.g.doubleclick.net/pcs/ Frame F682 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf6vx2b-vRkeB0-csJHamoaq2V0T9d8ic1JZye_pCo9bRWmW5_RcQewlcuqbcM2oUP9_Fs0_br1KCtqxTvyBRyvVyEAM3FOjnZ_pcDzupORs6q1G5KC73WMBqL7fo9QZhKnWqW_IjRxRene7pmG8S7LjoHBLAf6CUoudfaG8_fMETD4WJpzbjUYOXKZhV2J3hyTJu0Xp0MFU2u9GJwcS3sTw-t7xv6JJeHofC96Kk34hEdY3TS6tL8HxVi-Q8tH2du-csB4WMrnUbXRNuCG-BXMJ8W8HUF1C2ddHwW-Kr_xkSjNskx8L--VV1H7Qz3H1UUMA2t&sai=AMfl-YQShr6i23XdbdqL8Ud5D3G3mxHmlEkbSC_EZcirsVM5YlSO2qeE0agzaRe58PxYWZ3GdA-Uwqatd4DpdTlp0Ai70Ufx7ZJ0PoF9y77mTQ&sig=Cg0ArKJSzI3kd_JB0Ra1EAE&urlfix=1&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 26 Nov 2019 15:19:54 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7BA9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYvoaTYjAB&v=APEucNUpfb2L-Zy30pcLRdDbCIgv2QiDAVNVSomnUcl73SpSzFBEN-kZItF9T7URCmIxji7Pqj6zhSAsPonLr50fwmi9gtjbng
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNKOMxDkyTkYvoaTYjAB&v=APEucNUpfb2L-Zy30pcLRdDbCIgv2QiDAVNVSomnUcl73SpSzFBEN-kZItF9T7URCmIxji7Pqj6zhSAsPonLr50fwmi9gtjbng
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 26 Nov 2019 15:19:54 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUmYdpckMs2siuOng-ToSJLVy--VIZjaBdJei8feWCiPRVa_OOK6izUETLRv; expires=Sun, 20-Dec-2020 15:19:54 GMT; path=/; domain=.doubleclick.net; HttpOnly
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Tue, 26 Nov 2019 15:19:54 GMT
cache-control
private
ad
googleads.g.doubleclick.net/dbm/ Frame F682 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6pHHV69quIE_p2ZCvY6yZv3ZhS7ubLXELxFox7gcVonI7HxcvNPMurqGIAE1ho1_uI_XI63Gporx1Ytv9gu9VWJ4Tvw&dbm_d=AKAmf-BroK6tjJ0h0lGUt2Z6vQwN_BLElzdhTYgER3kfBy1oJB1I7Q1KsHoJSKsJrsyB97ozTcRgjDStxUClToOCMQS8CV3KU4Gmh_bhBc8fhz8XwO_lz2ZLotF_8Jy9T2wrgSvCOp__MBfNQE40vAsY7E0bj--KQFSl-lVzVzP7g7IryYVSmsW7diYXduPjUfT8K24j5C_hzrJsYhWkNPjRjg_M56XubsLiQE4q19beiO35LEDoBo-5ENl8J4sK_fnznivtX1Fz7ftFX7FKvSzkZWQuCBgUyqXKPS9GpUpSHlXr_1dWQYY6TmAwthr53o1lfyL-S1VpzATthuyoMUtqXS3M2LIhkiLDByXaKiRfwOIlQI_0fUtUEDcX7IVi7WwgBB9hqLRizjqEV8UpsCgaZ3pYT9TcEYK2102eSevajhcEEKiN6jYyHFAfQo4c9OegW2yM2EGsue2rL0Ej8uMPJV5i582lsh8sJbxClOSEwzrYbGoKJV9ZymX_A_j93wUBoRsarvP-wTD2HunAIYeok30A9n5x0uhXjYRF0FZ3DDyAmqXxy3mj1-QOcQczZ_YiR2wDpsXhXd6E9DIzhDFIG698CM6gQ8CXdgE7gR0ahioHFi0HzG9CYvp8M2hp0QOrGJxkKNcQ9aIN1r0r_SrLCoilRJvQ42hzxdVk5OPKkXk5I3sL_8aYrvae-jSL3nGJnw2RZmGL-QDzPhgKvWeCiYXjHyRSiBdhwJzER1QTZE-w8PPjn8w-EoPpesdfv5e7bMyAjrRrznndW96l47dfBQ21nyiNvs6U90hzJXqAmnLppXus2Eup-DTMawOyQjkhqMkVLkLef7OnnvOSfe9R9RH6AjuTsLOgb6EN4MGworOHgEELxVCtopiREZ5jXNGhHd90fztSoYFA2X9Wu7pi6L648OtNMlVbsO13kNGa0_YHyjI8oFg5jcO24zWQtSFl8rWpxWF0rp-GN6gA2sg6zq_Lf0HLTA_ZWZB1y55zwtlwg3hFrmY2JdSRLcGQy86v4A1XWwmeQXeAVuDaS2rIttFJSx6uCSdZevM4mcNi1BcIlzltTCzzRA7adVl_MFgLe6uqtGSxPzzRsKaFWfHxUoG1TuJc4HHKu2QeuSDZgNutW5dxFvTuKG136T9oERJTWjgbWYUed3wsm8w90xlcsj6MYxI_ysnN4oAXcyZ9yCKY2MvIWHbgwcDeCxeSHLUL9Qus0COGdQ7e0Hk44-qrUQV7vcDsv0V9WX__8oUloPy_s-YLv8BObsfgQE8tyMdFstdbRaijZw9NJpRm2z2wognj-iwgnpe-Kx5_iYUvBomskyqc_uhcY4Xs5c71kP1Y8WfE69Ux7Ue8a5wukGtJF_vbHX74q_i1flI1epRvp_L8J_DoaxsRCtLjnSR2qoojmsNzgUIDVYbNOkI9LnUgGFKProo9d1_ydypLal74xGyEE_0RqOLFED4M_hRcxyRyGnwL6onNPoQD2u-BqOcSqnds5AASbH1U0afYvAjsGx6ssyP0TEDyZGXrIg--9F_H6zl9p2awrsgzjF6lRLxI9HP-3htmUByH6pItXYJrI8m0hg5Ft29A8djVEut82cX12wkppgzzT7Bl660cpA3X7KMTMrEYkS1lKVv41cVzEsaUhS2bo-Qoyv5OG-MPOdyOS-82PBdH-jsYoz_0rGq2K-oLtQuzx8LbJUm_hf78tA3dOFDmHokZrMnHzrVywmT0n49kcbnilqcroYNBifW0Clq0Li16z3FCsO8Nv2_h9SNecCpteQuH4eatIyF-kSEVbE8JkNfFvECK6T3wjp6q6dQO_eNXnCH3Sdq1cS6AWFQOMz6aXxDxWbvIdImORO9YPhfDBH2Ya2tQvIhuACRkdHgqJraOGdGCFBvE1s7O1IiK0F9NcpWcrL9xwfL4T8CQ1vk1MlJHtuxiEhHl3roKtOuYYtubO9IvJTD32wuq7HkYb9FpFSdvoToBUhe94rh62bSAEUMzRM7XAUrrQO2jeYUeSp0RWEStqYr6OThbP0AzunI9MjOJ9jkhwtjJvyp--lRsv6rKntX6LX64F3S7vc1vxivuL6G-Z4U-Av3eO7ERTM33P5vnd_zIBvcXtllDueOh4vPmcYBolGuMai4i1T0VtD3KaI2NRrOY__gjher_sxEs6vgTxyK4vwHJhJmwK8PnIKW_HFTrs4r8rxzt0jIOhcjxIm_oy7exjIl84sRpFolTPxv_QVhElIF8trIZDae61dYpjdwACJNAOAdgsg755pT-ErBbkGb46lk7bHc31Ibj4WpAb8hjwLi2CuHrM0S7ApK2mHM6HljxKMQUJeZBKQFN-m0Ae0App5ae3vjoQhTSBpskhprG8yhc6I_gE3Xgjstf59iuadwjPc7vWrSrstPpmA7v_EMT1K4QkRuu1Q9AfbE1X7STCruOmjOE-9lCfzrSpivL_pzDJPYjmsNP35XJPlaBifkYugXvPZYq7Hy4DbOmFsjIJZ0SiicJHesfulimGK1cDNyQW074lMYaLU5L7VpWLq4dVF5-ma2-FmS7AgvNdNMKQ8Lho1WtMzTfuL5NWG_aEjALQyV-gqbYWjs1CahYsWmmouMmBuTQuOVgJWBG-INo2uOL972LrBeWUMUW5mp8Sa8htpU0Gskx6tJAv9cw5gp8Ooe9ZEfCYD3Qn1Oosv0rS6seAdDZhHQaUxQubR1DvNgdXyYZkWDyVg52mkC0Jo6aQAnfMJglpAwB-7KnkoWW8Mj0acioqio26Wxh1TgSLRs3wMAlFJw1hCyPTxcquKC3jSc8L92qpRs0Cghxq82WB3ID5ILavn29BphLAxowbpuBRxTl13S_5AJQ8aVv-B2K4KDXpuoIhjDhfuFQlJ29uUpSTOySNnI4QNCeDqLLKN8Syl_weRiloc7tbJcl_KvQ0lR4E6wxTGBcS_U9BZ7Fee0YPcIFs0dg6GgLsgNPJMKuPXtl6L2LYgkeqnCeBbekd0-Vhw34_VS5fkJVPi2RnNHHXIv5zc37B3bE9zckEJXj7Ub3i3bXpzIftQ&pr=6:0.026522&cid=CAASBORos0s&xfc=http%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NSZrYWRzaXplaWQ9OSZ0bGRJZD01OTY3MzM4NiZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDcyMDk5NTg4Nzg0OTYwMjY3MSZhZFNlcnZlcklkPTI0MyZpbXBpZD04MUI4NkNFRC1DRjJDLTRBMUQtOTMwNS1GNEUxRTMyMEI4MkYmcGFzc2JhY2s9MA%3D%3D_url%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
51f420ba4c62fe0283fd9c9f553f05154c38a19c9e88f755901b7fa67235667a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21195
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F682 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMNEcebnljctShmVnGnwwWOtA_fR93_WB5Br7McNubcBYXttIVhe4AjejWLbIkecQeE0lyhpE-OmBgurtNJ1NOljzSnnYyU-1WWIkrljmu_NRbQro
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:54 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame F682 		76 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29138
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
kz7wypcm3ihf
hal9000.redintelligence.net/zone/ Frame 9F21 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/kz7wypcm3ihf?subid=&rnd=3792631268225583001&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.54.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.54.243.136.clients.your-server.de
Software
Apache /
Resource Hash
9215f51472b2915def2e834f1458c01a6b156a060af1dc72d67a6de562529b9d

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2748
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
dvtp_src.js
cdn.doubleverify.com/ Frame 9F21 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&num=&adid=&advid=3819603&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVPX_PP_IMP_ID=3792631268225583001&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_DEAL_ID=&DVP_PP_APP_ID=&DVP_MM_1=216536&DVP_MM_2=651871&DVP_MM_3=4802372&DVP_MM_4=6864062&DVP_MM_5=cas&DVP_MM_6=15&DVP_MM_7=184310&DVP_MM_8=393562&DVP_MM_9=&turl=https%3A//www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTmpZeVlqRTBZamt0WTJGaU55MHhZVEU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3OTI2MzEyNjgyMjU1ODMwMDEvNjg2NDA2Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeFpjdzRBWEhrTE1SaXRwZ1ZwUThVUUUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM3OTI2MzEyNjgyMjU1ODMwMDEvenJoLzAvMjczMC82OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzQ3ODE1OTMv/JuiGbhytcYxALFf7z7GPossWUjk&nodeid=722&auctionid=3792631268225583001&exch=cas&sid=4802372&cid=6864062&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.173 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-173.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
273d06631db81b611e909c7124f43d5578960b2270c3cc49d676cce28d1a46c8

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Nov 2019 15:40:50 GMT
Server
Microsoft-IIS/10.0
ETag
W/"06daa8d269ed51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=27988
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5780
img
pixel.mathtag.com/event/ Frame 9F21 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=15&v2=3792631268225583001&v3=651871&v4=4802372&v5=6864062&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTmpZeVlqRTBZamt0WTJGaU55MHhZVEU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3OTI2MzEyNjgyMjU1ODMwMDEvNjg2NDA2Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeFpjdzRBWEhrTE1SaXRwZ1ZwUThVUUUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM3OTI2MzEyNjgyMjU1ODMwMDEvenJoLzAvMjczMC82OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzQ3ODE1OTMv/JuiGbhytcYxALFf7z7GPossWUjk&nodeid=722&auctionid=3792631268225583001&exch=cas&sid=4802372&cid=6864062&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 1913 979072d master cdg-pixel-x4 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
MT3 1913 979072d master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 26 Nov 2019 15:19:53 GMT
img
tags.mathtag.com/event/ Frame 9F21 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=cas&bid=3792631268225583001&st=4802372&time=1574781594&nodeid=722
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvTmpZeVlqRTBZamt0WTJGaU55MHhZVEU0TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM3OTI2MzEyNjgyMjU1ODMwMDEvNjg2NDA2Mi80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeFpjdzRBWEhrTE1SaXRwZ1ZwUThVUUUvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzM3OTI2MzEyNjgyMjU1ODMwMDEvenJoLzAvMjczMC82OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzQ3ODE1OTMv/JuiGbhytcYxALFf7z7GPossWUjk&nodeid=722&auctionid=3792631268225583001&exch=cas&sid=4802372&cid=6864062&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.160.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
MMBD/3.160.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x38, zrh-bidder-x75
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 26 Nov 2019 15:19:53 GMT
bc2
bc-rtb-dub.springserve.com/ Frame 87B2 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=f895ca1c-dc9a-4290-9bcf-ffb1ed145ffa-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
request.php
hal900021.redintelligence.net/ Frame 9F21
Redirect Chain
  • https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e007b54bc657b5d1c5be45950c6905b1354526a02ed811d86225d58e639a942e

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
71005200101434701049096011059021
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
840
Expires
Tue, 26 Nov 2019 15:19:54 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 26 Nov 2019 15:19:54 +0100
frame.html
ad4mat.net/ Frame C919 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.148.127.183 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
183.127.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
server
nginx
date
Tue, 26 Nov 2019 15:19:54 GMT
content-type
text/html
etag
W/"5acf0fb7-57f"
content-encoding
gzip
html_inpage_rendering_lib_200_260.js
s0.2mdn.net/879366/ Frame F682 		183 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 08:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25022
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
64774
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2019 08:22:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20191114/r20110914/ Frame F682 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191114/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6pHHV69quIE_p2ZCvY6yZv3ZhS7ubLXELxFox7gcVonI7HxcvNPMurqGIAE1ho1_uI_XI63Gporx1Ytv9gu9VWJ4Tvw&dbm_d=AKAmf-BroK6tjJ0h0lGUt2Z6vQwN_BLElzdhTYgER3kfBy1oJB1I7Q1KsHoJSKsJrsyB97ozTcRgjDStxUClToOCMQS8CV3KU4Gmh_bhBc8fhz8XwO_lz2ZLotF_8Jy9T2wrgSvCOp__MBfNQE40vAsY7E0bj--KQFSl-lVzVzP7g7IryYVSmsW7diYXduPjUfT8K24j5C_hzrJsYhWkNPjRjg_M56XubsLiQE4q19beiO35LEDoBo-5ENl8J4sK_fnznivtX1Fz7ftFX7FKvSzkZWQuCBgUyqXKPS9GpUpSHlXr_1dWQYY6TmAwthr53o1lfyL-S1VpzATthuyoMUtqXS3M2LIhkiLDByXaKiRfwOIlQI_0fUtUEDcX7IVi7WwgBB9hqLRizjqEV8UpsCgaZ3pYT9TcEYK2102eSevajhcEEKiN6jYyHFAfQo4c9OegW2yM2EGsue2rL0Ej8uMPJV5i582lsh8sJbxClOSEwzrYbGoKJV9ZymX_A_j93wUBoRsarvP-wTD2HunAIYeok30A9n5x0uhXjYRF0FZ3DDyAmqXxy3mj1-QOcQczZ_YiR2wDpsXhXd6E9DIzhDFIG698CM6gQ8CXdgE7gR0ahioHFi0HzG9CYvp8M2hp0QOrGJxkKNcQ9aIN1r0r_SrLCoilRJvQ42hzxdVk5OPKkXk5I3sL_8aYrvae-jSL3nGJnw2RZmGL-QDzPhgKvWeCiYXjHyRSiBdhwJzER1QTZE-w8PPjn8w-EoPpesdfv5e7bMyAjrRrznndW96l47dfBQ21nyiNvs6U90hzJXqAmnLppXus2Eup-DTMawOyQjkhqMkVLkLef7OnnvOSfe9R9RH6AjuTsLOgb6EN4MGworOHgEELxVCtopiREZ5jXNGhHd90fztSoYFA2X9Wu7pi6L648OtNMlVbsO13kNGa0_YHyjI8oFg5jcO24zWQtSFl8rWpxWF0rp-GN6gA2sg6zq_Lf0HLTA_ZWZB1y55zwtlwg3hFrmY2JdSRLcGQy86v4A1XWwmeQXeAVuDaS2rIttFJSx6uCSdZevM4mcNi1BcIlzltTCzzRA7adVl_MFgLe6uqtGSxPzzRsKaFWfHxUoG1TuJc4HHKu2QeuSDZgNutW5dxFvTuKG136T9oERJTWjgbWYUed3wsm8w90xlcsj6MYxI_ysnN4oAXcyZ9yCKY2MvIWHbgwcDeCxeSHLUL9Qus0COGdQ7e0Hk44-qrUQV7vcDsv0V9WX__8oUloPy_s-YLv8BObsfgQE8tyMdFstdbRaijZw9NJpRm2z2wognj-iwgnpe-Kx5_iYUvBomskyqc_uhcY4Xs5c71kP1Y8WfE69Ux7Ue8a5wukGtJF_vbHX74q_i1flI1epRvp_L8J_DoaxsRCtLjnSR2qoojmsNzgUIDVYbNOkI9LnUgGFKProo9d1_ydypLal74xGyEE_0RqOLFED4M_hRcxyRyGnwL6onNPoQD2u-BqOcSqnds5AASbH1U0afYvAjsGx6ssyP0TEDyZGXrIg--9F_H6zl9p2awrsgzjF6lRLxI9HP-3htmUByH6pItXYJrI8m0hg5Ft29A8djVEut82cX12wkppgzzT7Bl660cpA3X7KMTMrEYkS1lKVv41cVzEsaUhS2bo-Qoyv5OG-MPOdyOS-82PBdH-jsYoz_0rGq2K-oLtQuzx8LbJUm_hf78tA3dOFDmHokZrMnHzrVywmT0n49kcbnilqcroYNBifW0Clq0Li16z3FCsO8Nv2_h9SNecCpteQuH4eatIyF-kSEVbE8JkNfFvECK6T3wjp6q6dQO_eNXnCH3Sdq1cS6AWFQOMz6aXxDxWbvIdImORO9YPhfDBH2Ya2tQvIhuACRkdHgqJraOGdGCFBvE1s7O1IiK0F9NcpWcrL9xwfL4T8CQ1vk1MlJHtuxiEhHl3roKtOuYYtubO9IvJTD32wuq7HkYb9FpFSdvoToBUhe94rh62bSAEUMzRM7XAUrrQO2jeYUeSp0RWEStqYr6OThbP0AzunI9MjOJ9jkhwtjJvyp--lRsv6rKntX6LX64F3S7vc1vxivuL6G-Z4U-Av3eO7ERTM33P5vnd_zIBvcXtllDueOh4vPmcYBolGuMai4i1T0VtD3KaI2NRrOY__gjher_sxEs6vgTxyK4vwHJhJmwK8PnIKW_HFTrs4r8rxzt0jIOhcjxIm_oy7exjIl84sRpFolTPxv_QVhElIF8trIZDae61dYpjdwACJNAOAdgsg755pT-ErBbkGb46lk7bHc31Ibj4WpAb8hjwLi2CuHrM0S7ApK2mHM6HljxKMQUJeZBKQFN-m0Ae0App5ae3vjoQhTSBpskhprG8yhc6I_gE3Xgjstf59iuadwjPc7vWrSrstPpmA7v_EMT1K4QkRuu1Q9AfbE1X7STCruOmjOE-9lCfzrSpivL_pzDJPYjmsNP35XJPlaBifkYugXvPZYq7Hy4DbOmFsjIJZ0SiicJHesfulimGK1cDNyQW074lMYaLU5L7VpWLq4dVF5-ma2-FmS7AgvNdNMKQ8Lho1WtMzTfuL5NWG_aEjALQyV-gqbYWjs1CahYsWmmouMmBuTQuOVgJWBG-INo2uOL972LrBeWUMUW5mp8Sa8htpU0Gskx6tJAv9cw5gp8Ooe9ZEfCYD3Qn1Oosv0rS6seAdDZhHQaUxQubR1DvNgdXyYZkWDyVg52mkC0Jo6aQAnfMJglpAwB-7KnkoWW8Mj0acioqio26Wxh1TgSLRs3wMAlFJw1hCyPTxcquKC3jSc8L92qpRs0Cghxq82WB3ID5ILavn29BphLAxowbpuBRxTl13S_5AJQ8aVv-B2K4KDXpuoIhjDhfuFQlJ29uUpSTOySNnI4QNCeDqLLKN8Syl_weRiloc7tbJcl_KvQ0lR4E6wxTGBcS_U9BZ7Fee0YPcIFs0dg6GgLsgNPJMKuPXtl6L2LYgkeqnCeBbekd0-Vhw34_VS5fkJVPi2RnNHHXIv5zc37B3bE9zckEJXj7Ub3i3bXpzIftQ&pr=6:0.026522&cid=CAASBORos0s&xfc=http%3A%2F%2Fclicktrack.pubmatic.com%2FAdServer%2FAdDisplayTrackerServlet%3FclickData%3DJnB1YklkPTE1NjY5NiZzaXRlSWQ9MjY5ODg1JmFkSWQ9MTMyNTE3NSZrYWRzaXplaWQ9OSZ0bGRJZD01OTY3MzM4NiZjYW1wYWlnbklkPTIyOTg3JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xNDcyMDk5NTg4Nzg0OTYwMjY3MSZhZFNlcnZlcklkPTI0MyZpbXBpZD04MUI4NkNFRC1DRjJDLTRBMUQtOTMwNS1GNEUxRTMyMEI4MkYmcGFzc2JhY2s9MA%3D%3D_url%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
91fd13d213ef266cb4fccdda1fdf5deacd3a06a2b0fc92a9239561e55032bf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 15:28:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11470
x-xss-protection
0
server
cafe
etag
3656872508270369265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Dec 2019 15:28:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F682 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 12:42:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 May 2018 20:45:00 GMT
server
sffe
age
9441
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
expires
Wed, 25 Nov 2020 12:42:33 GMT
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame B6C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:02 GMT
ETag
"13006b6-97cd-59720c88c16d1"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14515
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=21640
Expires
Tue, 26 Nov 2019 21:20:34 GMT
Date
Tue, 26 Nov 2019 15:19:54 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame A526 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156696&siteId=269885&adId=1325175&adType=10&adServerId=243&kefact=0.025365&kaxefact=0.025365&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1574781593&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.026522&dcId=3&tldId=59673386&passback=0&svr=BID22385U&ekefact=mULdXRU8AgDInXmjZiiCzQT7fFql0KZ6mnYP7rXP2cGCoh0Q&ekaxefact=mULdXSo8AgCUuqVL5UpE9eDuu_hDM52ivBp9wRB8mJ5xxJF4&ekpbmtpfact=mULdXTs8AgDtss272QcaAN5Hi_EX2PBnX7WhmrUs0sv8-_5V&crID=205833022&lpu=tui.com&ucrid=14720995887849602671&campaignId=22987&creativeId=0&pctr=0.000000&wDSPByrId=837458&wDspId=80&wbId=3&wrId=0&wAdvID=15272&isRTB=1&rtbId=330182AF-7305-4D7A-B99D-76FD427CCDA4&imprId=81B86CED-CF2C-4A1D-9305-F4E1E320B82F&oid=81B86CED-CF2C-4A1D-9305-F4E1E320B82F&cntryId=58&domain=bleepingcomputer.com&pageURL=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&sec=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Content-Type
text/html
Content-Length
0
Date
Tue, 26 Nov 2019 15:19:54 GMT
Connection
keep-alive
truncated
/ Frame F682 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9065fec5874826cfa671a456d8d9b9266e650c566877d16562d411f22e08bd1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
i
vid-io.springserve.com/vd/ Frame 87B2 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=f895ca1c&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
awin.html
www.vehiculum.de/leasing/htlp/ Frame B4BC
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2335133&v=16039&q=356706&r=296283&pref1=71005200101434701049096011059021&pv=1
  • https://www.vehiculum.de/leasing/htlp/awin.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vehiculum.de/leasing/htlp/awin.html
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:b368 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.vehiculum.de
:scheme
https
:path
/leasing/htlp/awin.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dbc5b20e6ca43919309610d34e816099a1574781594; expires=Thu, 26-Dec-19 15:19:54 GMT; path=/; domain=.vehiculum.de; HttpOnly
last-modified
Mon, 25 Nov 2019 18:57:10 GMT
via
1.1 vegur, 1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
53bcd7e8482f5976-VIE
content-encoding
br

Redirect headers

Location
https://www.vehiculum.de/leasing/htlp/awin.html
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Tue, 26 Nov 2019 15:19:54 GMT
Connection
keep-alive
Set-Cookie
awpv16039=296283|1574781594|331c9f00-1060-11ea-894e-692d07d3a653;domain=.awin1.com;path=/;expires=Friday, 27-Dec-2019 15:19:54 UTC; AWSESS=356706:2335133;domain=.awin1.com;path=/;
Awin-Akamai-Rule-Set
default
onepixel.gif
ad.zanox.com/ppv/images/ Frame CAD8
Redirect Chain
  • https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=71005200101434701049096011059021
  • https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dt_subid2=&actionid=879111&produ...
  • https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dyn_id=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dyn_id=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host
ad.zanox.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Cookie
zttpvc=5C279489S2634429021555158016T0II5C172440S2634429021555158016T0II45475836C0SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016; zptpvc=5C279489S2634429021555158016T0II5C172440S2634429021555158016T0II45475836C0SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Content-Type
image/gif
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges
bytes
ETag
"09764d4eab5bf1:0"
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Date
Tue, 26 Nov 2019 15:20:24 GMT
Content-Length
43
Via
10.30.0.115%1
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Tue, 26 Nov 2019 04:19:50 GMT
Location
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq17808558126014947841463036549257yb5yb7T2634429021555158016&dyn_id=
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=3rncd20lrgpjjy5ui4y5kmt3; path=/; HttpOnly DTU=98143C5C3C1588FD7974AE3B7CA1C43C; expires=Fri, 26-Nov-2021 15:19:50 GMT; path=/
P3P
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-XSS-Protection
1; mode=block
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 26 Nov 2019 15:19:49 GMT
Content-Length
0
request_content.php
hal900021.redintelligence.net/ Frame B55C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request_content.php?s=71005200101434701049096011059021&a=ab2ff42f
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=kz7wypcm3ihf&nw=20&renderingType=javascript&namespace=5254cd544b&subid=&uid=92b7db68fb3ee649&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3792631268225583001%26mt_id%3D6864062%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3D9c195ddd-429a-4101-8a30-a9035036d060%26redirect%3D&documentReferer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&ancestorOrigins=https%3A%2F%2Fwww.bleepingcomputer.com&random=1036848775172&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.253.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900021.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=294fa18ebc181c65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 26 Nov 2019 15:19:54 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1485
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 9F21 		43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519563&v=14098&q=368694&r=296283&pref1=71005200101434701049096011059021&pv=1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.62.137.117 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-62-137-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:54 GMT
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
onepixel.gif
ad.zanox.com/ppv/images/ Frame 9F21
Redirect Chain
  • https://ad.zanox.com/ppv/?45475836C666538628&zpar0=71005200101434701049096011059021
  • https://ad.zanox.com/ppv/images/onepixel.gif
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.zanox.com/ppv/images/onepixel.gif
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:20:23 GMT
Via
10.30.0.119%1
ETag
"09764d4eab5bf1:0"
Last-Modified
Thu, 04 May 2000 17:04:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox
https://www.zanox.com/jobs/international
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:20:23 GMT
Via
10.30.2.100%1
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
Location
https://ad.zanox.com/ppv/images/onepixel.gif
Cache-Control
no-store
Connection
close
Content-Length
0
jobs-at-zanox
https://www.zanox.com/jobs/international
id.js
mathid.mathtag.com/device/ Frame 9F21 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mathid.mathtag.com/device/id.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
/ Express
Resource Hash
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
X-MM-Host
zrh-mathid-x2
Connection
keep-alive
Access-Control-Allow-Headers
Content-type, X-Optout
Keep-Alive
timeout=360
Expires
Tue, 26 Nov 2019 16:19:54 GMT
dv-measurements296.js
cdn.doubleverify.com/ Frame 0B78 		271 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements296.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.173 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-173.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b7f6b8292b0dd3f0b28d4abb927a9188c7483490fecc868765f96419808c0afe

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:54 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Nov 2019 11:24:32 GMT
Server
Microsoft-IIS/10.0
ETag
"0184095399dd51:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64161
truncated
/ Frame 9F21 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a84d56a27124f013b5124d787dd2a2c2af37f44595ab5cd1d524cd0f9cb7ac19

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7B70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
8395
date
Tue, 26 Nov 2019 12:42:30 GMT
expires
Wed, 25 Nov 2020 12:42:30 GMT
last-modified
Wed, 09 May 2018 20:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9444
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
lidar.js
www.googletagservices.com/activeview/js/current/ Frame F682 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f3b1cbcae30c3333030ae6e8aaab4f25aef478a5428f29510ee632c750f5decf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573858490126243"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29370
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:54 GMT
index.html
s0.2mdn.net/sadbundle/4008758915087990784/ Frame E21D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4008758915087990784/index.html?e=69&leftOffset=0&topOffset=0&c=oGqNLNrRYd&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/4008758915087990784/index.html?e=69&leftOffset=0&topOffset=0&c=oGqNLNrRYd&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
timing-allow-origin
*
date
Tue, 26 Nov 2019 15:19:54 GMT
expires
Wed, 25 Nov 2020 15:19:54 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 28 Oct 2019 14:09:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
googleads4.g.doubleclick.net/pcs/ Frame F682 		0
705 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssRVee9IUnz5BjrfWrRpR3s9mdTidY-Bnwr71QIaoiUazuu3kaQLPK-2VLTX7en1JU0ybZWEC55IYm8ehkahoOxzOY8_bWQwBPqzbACBYs99ppMgNl60vmZTYh97V3j80taC-K9VPtkLkjxrDJh3FEbBw8BmYTHYIVvDZO7B6AIYnvdOSlZ93e9yLAkZDwuXwT88wDgbYHkrTwUz19wQAfRtxO7xKE_eKkcpO92sAxqmzhgF_Gh7CrGRPiD8ZLeLvtB6BteXsVGdd6Zmo1BcMfuyECGl0SOE1G0FjATexDncWrCvoRiCEdhMIrIW6QpISLtYF0vXcmmCG28X2IBaNEk47WiNwhodmUm16fBLZQaasuF9exAR8AHdquBa_nscgFN-OtKRPrf4hRWnOtUwefs53CteHXAON8tioBQp3UxOyY55Sc-QEu9oweVoXblr0CP_ELAhk_cfQGpJ-yiuYIkWloNtkxle9iCypb-HmSfOJZVnXRW-rCot9xd-mraPAg8iCeSg0z0fIIa9hwth_lFo-XEYdlLLgB2j4nZm02PmQZyMRbs3x1kAMFwW6PE7LF78UoXRjHun_5mFS6xsEWC2c0VTg9bJfT7kDzRvzrNPpAgQ7jxGVO155TYiCqj6JSmNbit8FQJD88jjdoY6To89yhdS457EX94e1NgUNPlIKonyssdM2pOLnV6wx30HDAxK8Bc7pxyTlHRaK4bln_BUteKQr-GgbLIxt_QhAhv1bGbDeepqCHDFb8-wERCqNsiTyJZXp4L-n6CahhXRPMiDmB-Y-eO8x5zQd68fP5lLxVAw7B-sCRPL6pSICmN7CZsEtPCbwi0xMvUp4kxO3z_m3T-LaxBLWiuzErXQrWc5adPh1HUTSY191PMMyZFfDIJ5b89zm1Y_6qyKrTENYPW18EfkLFLUWRDk0jodpgTZD_YGcnX13SEJGTm8CMLzcDNWW5AIGI_jMI8UsFSsXK-2o7RmkYL1g7iDGdcAe-PjRcHRPGB6WFaKApxnONUZDs3S4iJq5YKlRLidnOQi2-qLMNxlThkzPskdka28z1shgNOgNHPte6N7JFRrIf73CJ5A&sai=AMfl-YTkHLG-bbFDO7rEI5IyihCpIGCMctA7k1IbXTjIM_OK1K2vlGn6KL_o2E8-3_LUQFF4VvdTTez86Ej57uxklxFy3TT_UGwXNOVeKRRBshGQNCsR6S1eyds3nU6a8nWCHBEQ&sig=Cg0ArKJSzM46ebfN0_bFEAE&pr=6:0.026522&urlfix=1&omid=0&rm=1&ctpt=198&cstd=180&cisv=r20191114&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
date
Tue, 26 Nov 2019 15:19:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
t2tv7.html
cdn3.doubleverify.com/ Frame 9778 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements296.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
72.247.226.173 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-226-173.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
3880
Date
Tue, 26 Nov 2019 15:19:55 GMT
Connection
keep-alive
visit.js
tps.doubleverify.com/ Frame 0B78 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETau%3F6HDTauD64FC%3AEJTauD%3A%3D%3DJ%5CA9%3AD9%3A%3F8%5CDA%40E%3D%3A89E%5C%3D%408%3A%3F%5CE%40%5CF%3F3%3D%404%3C%5C%3E%3A4C%40D%407E%5C6I46%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3ETar9EEADTbpTauTauHHH%5D3%3D66A%3A%3F84%40%3EAFE6C%5D4%40%3EU2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&aadid=dc8284887766de036d53c81083a36706778d6633&uid=1574781595105112&jsCallback=dvCallback_1574781595105522&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=296&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&fwc=0&fcl=196&flt=0&fec=1093&fcifrms=14&brh=2&dvp_epl=351&noc=16&ctx=499507&cmp=DV119194&sid=17306&plc=sampletag&adsrv=0&advid=3819603&turl=https%3A//www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/&DVP_IS_SAMPLE=1&DVP_PP_REP=1&DVP_IQM_ID=10&DVP_DV_TT=1&DVP_DV_CT=1&DVP_MM_1=216536&DVP_MM_2=651871&DVP_MM_3=4802372&DVP_MM_4=6864062&DVP_MM_5=cas&DVP_MM_6=15&DVP_MM_7=184310&DVP_MM_8=393562&DVPX_PP_IMP_ID=3792631268225583001&dvp_tuid=1387249773915
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements296.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.16 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
88f480dd44db1bf9c97136c14e99b95082f177acdf97b972d483ecb8bd8bfd26

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Expires
11/25/2019 3:19:55 PM
tracking.png
trk.connatix.com/ Frame C779 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:976,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:1083,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=794f9f3c000aa84fd1341574781595211&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&c_v=1822_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.1.10 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-211-1-10.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:19:55 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
view
googleads4.g.doubleclick.net/pcs/ Frame F682 		0
658 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssRVee9IUnz5BjrfWrRpR3s9mdTidY-Bnwr71QIaoiUazuu3kaQLPK-2VLTX7en1JU0ybZWEC55IYm8ehkahoOxzOY8_bWQwBPqzbACBYs99ppMgNl60vmZTYh97V3j80taC-K9VPtkLkjxrDJh3FEbBw8BmYTHYIVvDZO7B6AIYnvdOSlZ93e9yLAkZDwuXwT88wDgbYHkrTwUz19wQAfRtxO7xKE_eKkcpO92sAxqmzhgF_Gh7CrGRPiD8ZLeLvtB6BteXsVGdd6Zmo1BcMfuyECGl0SOE1G0FjATexDncWrCvoRiCEdhMIrIW6QpISLtYF0vXcmmCG28X2IBaNEk47WiNwhodmUm16fBLZQaasuF9exAR8AHdquBa_nscgFN-OtKRPrf4hRWnOtUwefs53CteHXAON8tioBQp3UxOyY55Sc-QEu9oweVoXblr0CP_ELAhk_cfQGpJ-yiuYIkWloNtkxle9iCypb-HmSfOJZVnXRW-rCot9xd-mraPAg8iCeSg0z0fIIa9hwth_lFo-XEYdlLLgB2j4nZm02PmQZyMRbs3x1kAMFwW6PE7LF78UoXRjHun_5mFS6xsEWC2c0VTg9bJfT7kDzRvzrNPpAgQ7jxGVO155TYiCqj6JSmNbit8FQJD88jjdoY6To89yhdS457EX94e1NgUNPlIKonyssdM2pOLnV6wx30HDAxK8Bc7pxyTlHRaK4bln_BUteKQr-GgbLIxt_QhAhv1bGbDeepqCHDFb8-wERCqNsiTyJZXp4L-n6CahhXRPMiDmB-Y-eO8x5zQd68fP5lLxVAw7B-sCRPL6pSICmN7CZsEtPCbwi0xMvUp4kxO3z_m3T-LaxBLWiuzErXQrWc5adPh1HUTSY191PMMyZFfDIJ5b89zm1Y_6qyKrTENYPW18EfkLFLUWRDk0jodpgTZD_YGcnX13SEJGTm8CMLzcDNWW5AIGI_jMI8UsFSsXK-2o7RmkYL1g7iDGdcAe-PjRcHRPGB6WFaKApxnONUZDs3S4iJq5YKlRLidnOQi2-qLMNxlThkzPskdka28z1shgNOgNHPte6N7JFRrIf73CJ5A&sai=AMfl-YTkHLG-bbFDO7rEI5IyihCpIGCMctA7k1IbXTjIM_OK1K2vlGn6KL_o2E8-3_LUQFF4VvdTTez86Ej57uxklxFy3TT_UGwXNOVeKRRBshGQNCsR6S1eyds3nU6a8nWCHBEQ&sig=Cg0ArKJSzM46ebfN0_bFEAE&pr=6:0.026522&urlfix=1&omid=0&rm=1&ctpt=603&vt=11&dtpt=405&dett=3&cstd=180&cisv=r20191114&adurl=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Nov 2019 15:19:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
av
connatix-d.openx.net/v/1.0/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a4...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:55 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 26 Nov 2019 15:19:55 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a412892b961574781594912&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3560 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C76t1mULdXfnoCYSVgAe2pYHgC8iOlJpa797agNsKyrqM8b4BEAEg2tfFOWCVAqABk7SQ4wPIAQapAhFjhk5ReLI-4AIAqAMBqgTCAk_Q284ANBKN14EXcjjJ92_zSSmDbqY9VqBKoZZL98F7r8vCRUNmpKmofzmEpu8j866jvkc4G6-yZlHx67Jjr6gCJ1JUPrXlj0iue8cdmWePeqYEHhmt149flLFoUyEu0xhp8y5dolWIqBHLx3knUAtyG1MLRm4h4uglqzNd9NH-NDdsmJiYUsWN7gL89Py_Ws0yVt9cxpACkBidPMCSVMDCQr0SRmsblzTAs5H0uhTx0OhW2-2Lpq6BcpSNrougqkKKgDAEOArPQpnl6KWnsDFUoBh5CfhqexkpDxdT-jMFOgKyslZKeIjd6dmeiwmYZzsGZ81x8MB9Lk69eGcgHqytrTkuOR9lHcwDVqHyHQ6lE4GBPdOPjVgKubh43DTv8QrzIhI0Gj9Fj_YigRJIOhqgig0ExpAC4VkI2lVcHNpn4kvABO3IqqW3AuAEAaAGN4AH1cvvHKgHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDfrA_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwOIFAQ&sigh=UYr6xCJxlHQ&vt=1&template_id=492
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 3560 		42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGdJthVKCMMFiRUHnkjs_D975aFjStDU48pheL1dlqJwFVmSyECW774eID6kminXuoopcMCtcwx86zpgMeTJg_BNgJTa0bI8xJYb8td94Uu5epg3F4HC7gYZ48Tw&sai=AMfl-YRZxlXs7SezvgXF2AaIrTDVcPdeAU6iHNtcHKRLYXIdG6y8UJSV5-gusSokcjQ_R7uFG0Z2cTyeYG2v3-7cqCb5Ddg-Shr7Ms8Ylv0RVKzv50LmpO70MBnLvO0&sig=Cg0ArKJSzIINrH36fH-kEAE&cid=CAASF-RobVBU5ZNBWFkEsHOnMxUqUdXjcP-Q&id=ampim&o=315,146&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1305&mtos=0,0,0,1305,1305&tos=0,0,0,1305,0&tfs=186&tls=1491&g=100&h=100&tt=1491&r=v&adk=960084856&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DE52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvyMomULdXfvsCYSVgAe2pYHgC-PP9Z5ahPiO2aoKv-EeEAEgx4P8AWCVAqAB0vjL4gPIAQHgAgCoAwGqBMMCT9CGCQ70zWnRYJ5b2gOBA_JF46wwf-Xutriyg0wThjxwTULlhESw2QdypSvg1OuCEhOtQALkWptvQIn41C53e5Mygc9Vdhy9c-L3LoPP6aZ1Kuef5zV_iyODrp9wSTuMX9MUbM7V3VKRP2TIuK_-QUJ0Y2l9cvimMYDdUmZ1onk_XNcecCDQUrduj9Ovpohc-WmYqux8Pt-w9sUycHjRriyqyay4j7_lMW5-bWwMrfqE6xOr2R1tY1gZx7rqYePhoGQgbG6he3fn1Bx4fsR0btjoI-La9Q2H0qzVWd47LniC5YQpRVJmH85VwYp4d-5PjDBP2CBJsCO_G6wumtR3QzzCbFMFW-XyD4lnUws33BwBMSZ8L1MpT4YUzf0QQdY_vBPlGjNK-ItNznqInjIn2L6zrDX14R3IJQ7xN7xOHJswqgrABLyM-PyGAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDWiw3SCAkIgOGAEBABGB2ACgHYEwM&sigh=uj7nHlTsDg0&vt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame DE52 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbYYTr9dzXzOt5yReKbi8HoYNDzF_M21Z37kRB3GLWTUENK6-rPYhVtvzbkOf36DFHG2fdz-CnU08LrMZXNpOj77f5AYrv3e7M_Q7mVP38p-EgBd5hRVoTavJseHR_sXdM9e6iFVULBQPDq4Rb_qRs&sai=AMfl-YRciTXqNuD_HgPm1zcQz_FMbjQm4Xf__3Y-boBFplB4uUDQCpuIom7ItXM5WW3KJ2c-jQ8XI3tQ_mcDb1f6HNEJu44vHI83aftMILdbeZexB-CUxNHU_OQ9cf4&sig=Cg0ArKJSzGZsaGf3VB7YEAE&cid=CAASF-RoKB7lAZxSpOVWGMHMFMQWyPnzzdZ3&id=ampim&o=1082,487&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1304&mtos=0,0,1304,1304,1304&tos=0,0,1304,0,0&tfs=161&tls=1465&g=100&h=100&tt=1465&r=v&adk=771041174&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:55 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
ad4m.at/ad/ Frame B9F7
Redirect Chain
  • https://ad4m.at/rs?a=&b=49&c=700&d=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&e=728&f=90&g=1&h=adf01awindc&i=&j=1039&k=1&l=&m=&n=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876...
  • https://ad4m.at/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidggJT8frfjmhPHbH8t5tV4WF6oneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&f=oneid1pACbfKfYwQU9HdH9tpC89zUMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidejVa3fVfDGVCjHZHet2CWxksMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidBJEUgfPfDkSxH6H3tgC4xAHzoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&c=728&d=90&e=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&g=84d30309953ff652d5c54c84a44f52f5%2F528350148830607122&i=25007%2C18122%2C11787&j=16%2C16%2C16&k=0&l=0&m=0&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.94.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
1.94.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri /ad/report-csp-violation; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidggJT8frfjmhPHbH8t5tV4WF6oneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&f=oneid1pACbfKfYwQU9HdH9tpC89zUMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidejVa3fVfDGVCjHZHet2CWxksMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidBJEUgfPfDkSxH6H3tgC4xAHzoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&c=728&d=90&e=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&g=84d30309953ff652d5c54c84a44f52f5%2F528350148830607122&i=25007%2C18122%2C11787&j=16%2C16%2C16&k=0&l=0&m=0&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
server
nginx
date
Tue, 26 Nov 2019 15:19:55 GMT
content-type
text/html; charset=UTF-8
content-length
7875
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"/ad/violation-report-endpoint"}],"group":"report-endpoint","max_age":86400}
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri /ad/report-csp-violation; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
feature-policy
autoplay 'self';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';sync-xhr 'none';usb 'none';vr 'none'
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-rc7d
via
1.1 google
alt-svc
clear

Redirect headers

status
307
server
nginx
date
Tue, 26 Nov 2019 15:19:55 GMT
location
https://ad4m.at/ad/rar?a=14044%2C12866%2C825&b=oneid925fMfmfYk4UKHBH2t7tVK4tgoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidX3ZFzfrfd17t6H4HetqtD29UAoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidggJT8frfjmhPHbH8t5tV4WF6oneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&f=oneid1pACbfKfYwQU9HdH9tpC89zUMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidejVa3fVfDGVCjHZHet2CWxksMoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc%2ConeidBJEUgfPfDkSxH6H3tgC4xAHzoneid__asuid3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlkasuid__adf01awindc&c=728&d=90&e=3X6XwUYkSGKg1Hs9Ppi39Pgqg78MCwlk&g=84d30309953ff652d5c54c84a44f52f5%2F528350148830607122&i=25007%2C18122%2C11787&j=16%2C16%2C16&k=0&l=0&m=0&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D32050304%3Bcrtbwp%3DCF3C904FD9876181%3Bcrtbdata%3DXByNXCr87TASCfYZDSd2aXD5LT7d0wqYoSo8dDYZwNKwxj6VO89j9y1bsJMJNdgOp6nyIZ7AtHjBL2TLNDMgXsrsk0kkM8v497eWfFsDo_J4VLtl1qLXrZpAnvhgEYycikSyMY6XAlx0ELgKAZ-7-Tnj9pbYx5k-5l_VyMI_ww38vamEe6zchVRZHGYYsQT96_2LLUaPoiyQ48MNLdwN30T1KcrmH9IaMYiAYMx2S_bJpCnPsKnUhZLGUUHwoP9PdMgmc-9YsbE2brh1j-uzd7ut6wIJPUaw07p9AVkl_NWhLWf8uBWALODtcivAb94qYctqD52uXjpAV22M5CLR6AY_XY_D3lCi0%3Badfibeg%3D0%3Bcdata%3DJ6d1_gXBzQJNkoim8y32RgwRZGuFuL6pEx14g_hcwfpYBRXMc3-0AkKr1ztCzqheMrfXzzOMYt7gkvlIUh1_kx_pykNs07OXWzM2hOoE-0pS_GAZHSfv6kIBxy2nlfNLVL8X2O1t7uRqfceJ1CAz6VvC1O7lHHkIYC115S7qaP6W9GQvIDz6H21bgpSzATcgwhQlFUANFuN4Hk6_OJrp-oBKux_0fvDDHDiC3SsNMbT94cYkuPdDRa4WrCE8ovGn1lqp0K3JBHU1%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.bleepingcomputer.com%252fnews%252fsecurity%252fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
cache-control
private, no-store, max-age=0
x-fastcgi-cache
BYPASS
x-backend-server
rs-t9gn
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=732d81ca31a4...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:55 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:55 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C779
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPjdcOQuaCkaslC3-JeBaQ&google_cver=1
0
0
event.png
tps20221.doubleverify.com/ Frame 0B78 		67 B
397 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20221.doubleverify.com/event.png?impid=41dfe1bfc7864d2ca3ce3c87178024f0&dvp_ealrgx=1&eoid=6&msrjs=296&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&dvp_esdtms=1198&cbust=1574781596185454
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements296.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.18 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:55 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
67
Expires
11/25/2019 3:19:56 PM
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04e275c09f247f945daba3af97a258b96f820061a6699ef0a280696ad91102b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:56 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
913
ck-confirm
tags.mathtag.com/ Frame 9F21 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3792631268225583001&node_id=722&exch_id=15&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNg%3D%3D%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22RXVyb3BlL0Jlcmxpbg%3D%3D%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.133.224 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software
MMBD/3.160.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 Nov 2019 15:19:56 GMT
Server
MMBD/3.160.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x31, zrh-bidder-x75
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 26 Nov 2019 15:19:55 GMT
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 2CFC 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:56 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781596.dop123.fr8.t,1574781596.cds054.fr8.hc,1574781596.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294855
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 2CFC 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475196
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 2CFC 		1 KB
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781596451%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781596451&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a42387959fd00cf838ad744c2e385a7413d71727933da1ed451a4851724ed427

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:56 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
8ac79718f2b9bd6967ba9012f4fdf742
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame E17F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781596451%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781596451&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:56 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E17F 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781596451%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781596451&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:56 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame A393 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345061
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame E17F 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:57 GMT
integrator.js
adservice.google.com/adsid/ Frame E17F 		109 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
bc2
bc-rtb-dub.springserve.com/ Frame 2CFC 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=3a9c0b86-7ad6-42bf-a2e0-9074792d5490-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
i
vid-io.springserve.com/vd/ Frame 2CFC 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=3a9c0b86&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
av
connatix-d.openx.net/v/1.0/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a8398...
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:57 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
access-control-allow-credentials
true
alt-svc
clear
content-length
0

Redirect headers

date
Tue, 26 Nov 2019 15:19:57 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3a83986621574781597804&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame C779
Redirect Chain
  • https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F&cb=db827bebccf3...
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:57 GMT
via
1.1 google
server
OXGW/16.167.2
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status
302
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:57 GMT
via
1.1 google
server
OXGW/16.167.2
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p
CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
clear
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C779
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
0
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e93d7c0e002dc1de88fdc23226c0c61e5cd2b5e672c5337d4b5d73b8db3a3717

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:57 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
917
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 128F 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:57 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781597.dop123.fr8.t,1574781597.cds054.fr8.hc,1574781597.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294854
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 128F 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475197
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 128F 		1 KB
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781597878%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781597878&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4b9881f6614ccb8b86af1d6af4882a4cb23cc577109c6ff9546ef934374a53cc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
e167f8a69e74925f4adbb60e409abf1d
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 3E27 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781597878%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781597878&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3E27 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781597878%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781597878&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:58 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame AC2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345062
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 3E27 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:58 GMT
integrator.js
adservice.google.com/adsid/ Frame 3E27 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
tracking.png
trk.connatix.com/ Frame C779 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:1285,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=093548ac7b91c7b378441574781598212&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&c_v=1822_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.1.10 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-211-1-10.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:19:58 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
bc2
bc-rtb-dub.springserve.com/ Frame 128F 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=0e4930b6-0826-4b76-844d-28e28d3e5d4b-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:58 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
i
vid-io.springserve.com/vd/ Frame 128F 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=0e4930b6&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4038fbbb669dd742a325f15d4a130b0a0dfd8d83440673b5ad0175aeb99d27ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
916
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 5A75 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781598.dop123.fr8.t,1574781598.cds054.fr8.hc,1574781598.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294853
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 5A75 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475198
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 5A75 		1 KB
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781598512%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781598512&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
48bc0aeba2405f90eb991e0e61540c0165e2a99e40dadd594aaad56bcb3bf9bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
d52b1a0caefc80c06c924fc9ef67935e
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame A91B 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781598512%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781598512&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A91B 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781598512%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781598512&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:58 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 39A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345063
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame A91B 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:58 GMT
integrator.js
adservice.google.com/adsid/ Frame A91B 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
event.png
tps20221.doubleverify.com/ Frame 0B78 		67 B
397 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tps20221.doubleverify.com/event.png?impid=41dfe1bfc7864d2ca3ce3c87178024f0&msrcanlm=904&msrcannum=3&eoid=9&ismms=209&isumms=209&isvelg=1&nvr=2&isbxdms=3112&b0=3140&adhgt=90&adwdth=970&norwdth=970&norhgt=90&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3140&sftb=3140&msrdp=1&naral=640&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=207&dvp_hdnAd=4000&dvp_dpr=1&dvp_ltspl=5197&dvp_esdtms=4012&cbust=1574781598999892
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements296.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.18 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:19:58 GMT
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Content-Type
image/png
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
67
Expires
11/25/2019 3:19:58 PM
bc2
bc-rtb-dub.springserve.com/ Frame 5A75 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=1b8b718a-8a65-4877-ad8b-14a4d848ed6d-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:19:59 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
i
vid-io.springserve.com/vd/ Frame 5A75 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=1b8b718a&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:19:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e831a01c9f9d2ec878d197cefe82aaad1e748af4c0b852f4f19d4a0566c8ae4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:19:59 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
922
vpaid_855affef.js
vpaid.springserve.com/production/ Frame F723 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:59 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781599.dop123.fr8.t,1574781599.cds054.fr8.hc,1574781599.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294852
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F723 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475199
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame F723 		1 KB
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781599404%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781599404&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b3c3cececefdb390f95516a00c97c5beb3ec18f153e72e6b4a39100b0406cf1b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:19:59 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
74d1b033d92a4fbe179f14c10a9d3ac1
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame E0F8 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781599404%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781599404&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:34:59 GMT
/
track.adform.net/serving/unload/ Frame EAF6 		35 B
430 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-4415780301758472885@@32050304,7253687148270650349,0|0|0|0|0|0|0|0|0||0|0|31|85c0a91679f7e1b5ad09b1b6245a13b2eeeece26_1|||1|0|0|-RuJh6ageGDtM-qxezg3lTifZiyUxSvbY6ixth2LPSG03_m_NalikgDCyA2L_VipmVKB6saG2-41|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:19:59 GMT
server
nginx
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E0F8 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781599404%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781599404&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:19:59 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame FCAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 917F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:02 GMT
ETag
"13006b6-97cd-59720c88c16d1"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14515
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=21635
Expires
Tue, 26 Nov 2019 21:20:34 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 4748 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593750&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-60&buster=1574781593750&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8FBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 60F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:02 GMT
ETag
"13006b6-97cd-59720c88c16d1"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14515
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=21635
Expires
Tue, 26 Nov 2019 21:20:34 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6C9F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
connectmyusers.php
cdn.connectad.io/ Frame 6C36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9274 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3229194e04a5cdbf9df1488157722f241574781599; expires=Thu, 26-Dec-19 15:19:59 GMT; path=/; domain=.connectad.io; HttpOnly
cache-control
max-age=28800
cf-cache-status
HIT
age
4334
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53bcd806ad635976-VIE
content-encoding
gzip
iframe
mantodea.mantisadnetwork.com/prebid/ Frame A846 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593286&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-60&buster=1574781593286&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
sync
eb2.3lift.com/ Frame 92B5
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.62.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-62-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
tluid=17388790808339462647
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=utf-8
content-length
516
set-cookie
sync=CgoI4gEQjoGxwuotCgoI5gEQjoGxwuotCgkICRCOgbHC6i0KCgipARCOgbHC6i0KCQg5EI6BscLqLQoJCDoQjoGxwuotCgkICxCOgbHC6i0KCgjOARCOgbHC6i0KCgiOARCOgbHC6i0KCQgfEI6BscLqLQ==; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:19:59 GMT; Path=/sync; Domain=.3lift.com tluid=17388790808339462647; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:19:59 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Tue, 26 Nov 2019 15:19:59 GMT
content-length
0
set-cookie
tluid=17388790808339462647; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:19:59 GMT; Path=/; Domain=.3lift.com
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F7BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
Cookie set check.html
biddr.brealtime.com/ Frame E2ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Date
Tue, 26 Nov 2019 15:19:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d843c9aec30d88e0658046390b340fef21574781599; expires=Thu, 26-Dec-19 15:19:59 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2
+i8PioR06DTXMjXZ4PV4MKhmtlG+ZYMi6U6gYzo+4TXr/ACDMK2pBRhK611jbDVa9PGZSNAXUvc=
x-amz-request-id
EE4C1A3D47967E3E
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
Cache-Control
max-age=60
CF-Cache-Status
HIT
Age
3992
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
53bcd8071accd709-FRA
Content-Encoding
gzip
iframe
mantodea.mantisadnetwork.com/prebid/ Frame DA90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593858&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-60&buster=1574781593858&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5404 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
connectmyusers.php
cdn.connectad.io/ Frame 7FC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9274 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3229194e04a5cdbf9df1488157722f241574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=28800
cf-cache-status
HIT
age
4334
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53bcd8076df45976-VIE
content-encoding
gzip
index.html
cdn.districtm.io/ids/ Frame 41AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
set-cookie
__cfduid=d00d33652ce207098b94acddefb42e6b21574781599; expires=Thu, 26-Dec-19 15:19:59 GMT; path=/; domain=.districtm.io; HttpOnly
cf-ray
53bcd807b942c295-FRA
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
sync
eb2.3lift.com/ Frame A4DD
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.62.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-62-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
sync=CgoI4gEQjoGxwuotCgoI5gEQjoGxwuotCgkICRCOgbHC6i0KCgipARCOgbHC6i0KCQg5EI6BscLqLQoJCDoQjoGxwuotCgkICxCOgbHC6i0KCgjOARCOgbHC6i0KCgiOARCOgbHC6i0KCQgfEI6BscLqLQ==; tluid=17388790808339462647
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:19:59 GMT
content-type
text/html; charset=utf-8
content-length
459
set-cookie
sync=CgoIoQEQ2IGxwuotCgoI4gEQjoGxwuotCgoI4wEQ2IGxwuotCgoI5gEQjoGxwuotCgkICRCOgbHC6i0KCgipARCOgbHC6i0KCQgLEI6BscLqLQoKCM4BEI6BscLqLQoKCI4BEI6BscLqLQoJCHMQ2IGxwuotCgoI1gEQ2IGxwuotCgkIORCOgbHC6i0KCQg6EI6BscLqLQoJCBsQ2IGxwuotCgoIvQEQ2IGxwuotCgoI3gEQ2IGxwuotCgkIHxCOgbHC6i0KCQhfENiBscLqLQoKCP8BENiBscLqLQoJCD8Q2IGxwuot; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:19:59 GMT; Path=/sync; Domain=.3lift.com tluid=17388790808339462647; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:19:59 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Tue, 26 Nov 2019 15:09:53 GMT
Last-Modified
Tue, 26 Nov 2019 15:09:53 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
6432f44
X-Served-By
impression-bus2.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
wfGEgSXOM6w5k_TMBlHUB7PaDjMM_CYRoghvcxDhQpPIXXiASv2gdg==
Age
605
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CFB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:19:59 GMT
Date
Tue, 26 Nov 2019 15:19:59 GMT
Connection
keep-alive
check.html
biddr.brealtime.com/ Frame 6F41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Cookie
__cfduid=d843c9aec30d88e0658046390b340fef21574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Date
Tue, 26 Nov 2019 15:19:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
+i8PioR06DTXMjXZ4PV4MKhmtlG+ZYMi6U6gYzo+4TXr/ACDMK2pBRhK611jbDVa9PGZSNAXUvc=
x-amz-request-id
EE4C1A3D47967E3E
x-amz-meta-origin-date-iso8601
2019-05-30T19:14:20.000Z
Last-Modified
Thu, 30 May 2019 19:21:30 GMT
Cache-Control
max-age=60
CF-Cache-Status
HIT
Age
3992
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
53bcd807fdc6d709-FRA
Content-Encoding
gzip
sync
eb2.3lift.com/ Frame B898
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.62.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-62-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
sync=CgoIoQEQ2IGxwuotCgoI4gEQjoGxwuotCgoI4wEQ2IGxwuotCgoI5gEQjoGxwuotCgkICRCOgbHC6i0KCgipARCOgbHC6i0KCQgLEI6BscLqLQoKCM4BEI6BscLqLQoKCI4BEI6BscLqLQoJCHMQ2IGxwuotCgoI1gEQ2IGxwuotCgkIORCOgbHC6i0KCQg6EI6BscLqLQoJCBsQ2IGxwuotCgoIvQEQ2IGxwuotCgoI3gEQ2IGxwuotCgkIHxCOgbHC6i0KCQhfENiBscLqLQoKCP8BENiBscLqLQoJCD8Q2IGxwuot; tluid=17388790808339462647
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html; charset=utf-8
content-length
570
set-cookie
sync=CgoIgAIQxISxwuotCgoIwgEQxISxwuotCgkICRCOgbHC6i0KCQgLEI6BscLqLQoKCM4BEI6BscLqLQoKCI4BEI6BscLqLQoJCA4QxISxwuotCgkIFBDEhLHC6i0KCgjWARDYgbHC6i0KCgiaARDEhLHC6i0KCQgaEMSEscLqLQoJCBsQ2IGxwuotCgoI3gEQ2IGxwuotCgkIHxCOgbHC6i0KCQhfENiBscLqLQoKCN8BEMSEscLqLQoKCKEBENiBscLqLQoKCOIBEI6BscLqLQoKCOMBENiBscLqLQoKCOYBEI6BscLqLQoKCKkBEI6BscLqLQoJCHMQ2IGxwuotCgkIORCOgbHC6i0KCQg6EI6BscLqLQoKCPsBEMSEscLqLQoKCPwBEMSEscLqLQoKCL0BENiBscLqLQoKCP4BEMSEscLqLQoKCP8BENiBscLqLQoJCD8Q2IGxwuot; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:20:00 GMT; Path=/sync; Domain=.3lift.com tluid=17388790808339462647; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:20:00 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Tue, 26 Nov 2019 15:09:53 GMT
Last-Modified
Tue, 26 Nov 2019 15:09:53 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
6432f44
X-Served-By
impression-bus2.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
85aL1vQNC2rQAe2Vn71bEBV9o9TXgMGBeLBaAYJ8XwsZ5W29mt_QGA==
Age
606
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 8619 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:02 GMT
ETag
"13006b6-97cd-59720c88c16d1"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14515
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=21634
Expires
Tue, 26 Nov 2019 21:20:34 GMT
Date
Tue, 26 Nov 2019 15:20:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame 806E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d00d33652ce207098b94acddefb42e6b21574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
cf-ray
53bcd8094da9c295-FRA
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
usync.html
eus.rubiconproject.com/ Frame 492E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-55-184.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding
gzip
Content-Length
7459
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=26369
Expires
Tue, 26 Nov 2019 22:39:29 GMT
Date
Tue, 26 Nov 2019 15:20:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 2C02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1574781593993&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.165.42 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-72-165-42.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-60&buster=1574781593993&secure=true&version=9&mobile=false&uuid=393ecb8b-ee41-42d4-a9ba-33fdc65f8e5a&title=Silly%20Phishing%20Spotlight%3A%20Login%20to%20Unblock%20Microsoft%20Excel&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-excel%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
"-816291178"
connectmyusers.php
cdn.connectad.io/ Frame 6C2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9274 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3229194e04a5cdbf9df1488157722f241574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=28800
cf-cache-status
HIT
age
4335
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53bcd8095f155976-VIE
content-encoding
gzip
index.html
cdn.districtm.io/ids/ Frame DCEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d00d33652ce207098b94acddefb42e6b21574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
cf-ray
53bcd8095dccc295-FRA
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
pd
eu-u.openx.net/w/1.0/ Frame B2CE
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0
index.html
cdn.districtm.io/ids/ Frame B4F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d00d33652ce207098b94acddefb42e6b21574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
cf-ray
53bcd8095dddc295-FRA
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
content-encoding
br
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 543A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.32 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-32.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Tue, 12 Nov 2019 06:59:02 GMT
ETag
"13006b6-97cd-59720c88c16d1"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14515
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=21634
Expires
Tue, 26 Nov 2019 21:20:34 GMT
Date
Tue, 26 Nov 2019 15:20:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D3DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:20:00 GMT
Date
Tue, 26 Nov 2019 15:20:00 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 0559
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; pd=v2|1574781600|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
vary
Accept
set-cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; Version=1; Expires=Wed, 25-Nov-2020 15:20:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574781600|rskimWfcvmsHqGgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Wed, 11-Dec-2019 15:20:00 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
content-length
825
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=34a0218d-2f1b-0ee2-2ca4-06a79edcdbad|1574781600; Version=1; Expires=Wed, 25-Nov-2020 15:20:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Tue, 26 Nov 2019 15:20:00 GMT
content-length
0
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 5494
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; pd=v2|1574781600|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
vary
Accept
set-cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; Version=1; Expires=Wed, 25-Nov-2020 15:20:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574781600|rskimWfcvmsHqGgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Wed, 11-Dec-2019 15:20:00 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
content-length
825
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; Version=1; Expires=Wed, 25-Nov-2020 15:20:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
date
Tue, 26 Nov 2019 15:20:00 GMT
content-length
0
via
1.1 google
alt-svc
clear
connectmyusers.php
cdn.connectad.io/ Frame 85C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:9274 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.connectad.io
:scheme
https
:path
/connectmyusers.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3229194e04a5cdbf9df1488157722f241574781599
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=28800
cf-cache-status
HIT
age
4335
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
53bcd8097f245976-VIE
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8ACD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.225.17 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a72-247-225-17.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Wed, 25 Nov 2020 15:20:00 GMT
Date
Tue, 26 Nov 2019 15:20:00 GMT
Connection
keep-alive
pd
eu-u.openx.net/w/1.0/ Frame 3BCB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.167.2 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
vary
Accept
set-cookie
i=086a9db4-2e38-08ee-12b6-b94a9a644905|1574781600; Version=1; Expires=Wed, 25-Nov-2020 15:20:00 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574781600|mOsLgqgikin0fcmWiygu; Version=1; Expires=Wed, 11-Dec-2019 15:20:00 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server
OXGW/16.167.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html
content-length
862
via
1.1 google
alt-svc
clear
sync
eb2.3lift.com/ Frame 2B34
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-2.36.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.62.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-194-62-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
cookie
sync=CgoIoQEQ2IGxwuotCgoI4gEQjoGxwuotCgoI4wEQ2IGxwuotCgoI5gEQjoGxwuotCgkICRCOgbHC6i0KCgipARCOgbHC6i0KCQgLEI6BscLqLQoKCM4BEI6BscLqLQoKCI4BEI6BscLqLQoJCHMQ2IGxwuotCgoI1gEQ2IGxwuotCgkIORCOgbHC6i0KCQg6EI6BscLqLQoJCBsQ2IGxwuotCgoIvQEQ2IGxwuotCgoI3gEQ2IGxwuotCgkIHxCOgbHC6i0KCQhfENiBscLqLQoKCP8BENiBscLqLQoJCD8Q2IGxwuot; tluid=17388790808339462647
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
date
Tue, 26 Nov 2019 15:20:00 GMT
content-type
text/html; charset=utf-8
content-length
570
set-cookie
sync=CgoIgAIQ5YSxwuotCgoIwgEQ5YSxwuotCgkICRCOgbHC6i0KCQgLEI6BscLqLQoKCM4BEI6BscLqLQoKCI4BEI6BscLqLQoJCA4Q5YSxwuotCgkIFBDlhLHC6i0KCgjWARDYgbHC6i0KCgiaARDlhLHC6i0KCQgaEOWEscLqLQoJCBsQ2IGxwuotCgoI3gEQ2IGxwuotCgkIHxCOgbHC6i0KCQhfENiBscLqLQoKCN8BEOWEscLqLQoKCKEBENiBscLqLQoKCOIBEI6BscLqLQoKCOMBENiBscLqLQoKCOYBEI6BscLqLQoKCKkBEI6BscLqLQoJCHMQ2IGxwuotCgkIORCOgbHC6i0KCQg6EI6BscLqLQoKCPsBEOWEscLqLQoKCPwBEOWEscLqLQoKCL0BENiBscLqLQoKCP4BEOWEscLqLQoKCP8BENiBscLqLQoJCD8Q2IGxwuot; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:20:00 GMT; Path=/sync; Domain=.3lift.com tluid=17388790808339462647; Max-Age=7776000; Expires=Mon, 24 Feb 2020 15:20:00 GMT; Path=/; Domain=.3lift.com
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=900
Date
Tue, 26 Nov 2019 15:09:53 GMT
Last-Modified
Tue, 26 Nov 2019 15:09:53 GMT
Location
https://eb2.3lift.com/sync?
X-Rev
6432f44
X-Served-By
impression-bus2.us_east.prod
X-Cache
Hit from cloudfront
Via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
3TIOQsNrFycasx-2fWET09ZvmMvSD5RLDM8wZGCOdQaCLmOvAReZqw==
Age
606
sync
pixel.advertising.com/ups/56465/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.98.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 26 Nov 2019 15:20:00 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
aol-match.dotomi.com/match/bounce/ 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A32240a0c-1060-11ea-9ded-12dbe8ba47fa&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1430 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Tue, 26 Nov 2019 15:20:00 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.102.50 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-48-102-50.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:20:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70
sync
pixel.advertising.com/ups/55965/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=alS0h2sCsdNyAejRawP9hTwJ49ByBeDaalP5bxrk
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=alS0h2sCsdNyAejRawP9hTwJ49ByBeDaalP5bxrk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.98.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-98-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 26 Nov 2019 15:20:00 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Date
Tue, 26 Nov 2019 15:20:00 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&gdpr_consent=&uid=alS0h2sCsdNyAejRawP9hTwJ49ByBeDaalP5bxrk
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 8173 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345064
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame E0F8 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:00 GMT
integrator.js
adservice.google.com/adsid/ Frame E0F8 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
i
vid-io.springserve.com/vd/ Frame F723 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=57371591&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:20:01 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
935a2df0388ae7226ffe9f5c22097de90c3752c6db85d366389e1a01f3b91bde

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:20:01 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
910
tracking.png
trk.connatix.com/ Frame C779 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:1635,c_mt:%22application%2Fjavascript%22,c_rs:%221%22},{id:15447,c_wt:844,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:580,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=bd15e06c46a2e62e044e1574781601258&c_pl=SLEROxj0csrgRkI4F3oTnlWP1SIhNA9hK_I_5DK_ayqRfLH1XAK8CxdKD-dlFVRh9EjY8vbTtQeR84PgJwV429P7rAz2Y3Byj8oiy0bNRKUtjvKhHX8jh-0Ox8ohburUiMrwoHixGwC0qj8L0wCJ-ovlJ7gsaUnu313RrhbTWEyfSrg9ojFFphEaO-IpS4pFTA5IGdZRgYIs1aaBrSTroAhLLB35EEeO8pnLa3tdHEQ&c_v=1822_0_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsilly-phishing-spotlight-login-to-unblock-microsoft-e&xplt=true&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.1.10 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-211-1-10.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 26 Nov 2019 15:20:01 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
vpaid_855affef.js
vpaid.springserve.com/production/ Frame B0E3 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:01 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781601.dop123.fr8.t,1574781601.cds054.fr8.hc,1574781601.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294850
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame B0E3 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475201
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame B0E3 		1 KB
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781601304%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781601304&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b7a694e249a645129d52996e2822e6472ad5919b474964895dd33b25c0c62d59

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:20:01 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
2ad8da8bfbeed89e529c08fd0d475846
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 5A3C 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781601304%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781601304&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:35:02 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5A3C 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781601304%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781601304&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:02 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame C5D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345066
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 5A3C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:02 GMT
integrator.js
adservice.google.com/adsid/ Frame 5A3C 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
dc_oe=ChMIopCuzJaI5gIV8sW7CB3J4Q8uEAAYACD-jf46QhMIsa_Py5aI5gIV1bVRCh3ZSQHz;met=1;&timestamp=1574781602467;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=6;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame F682 		42 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIopCuzJaI5gIV8sW7CB3J4Q8uEAAYACD-jf46QhMIsa_Py5aI5gIV1bVRCh3ZSQHz;met=1;&timestamp=1574781602467;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=6;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Nov 2019 15:20:02 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bc2
bc-rtb-dub.springserve.com/ Frame B0E3 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=f193f3dd-2bbe-4cf2-bef4-de524822a3e7-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:20:02 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
i
vid-io.springserve.com/vd/ Frame B0E3 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=f193f3dd&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:20:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
i
vid-io.springserve.com/vd/ Frame B0E3 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=f193f3dd&ps_id=514171&batch=2
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:20:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da3c5fc5e59d2a359058a9cd16950020a8e18d6026a404ad480255c5e6d7fa23

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:20:03 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
913
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 543C 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781603.dop123.fr8.t,1574781603.cds054.fr8.hc,1574781603.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294848
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 543C 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475203
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 543C 		1 KB
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603025%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603025&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
90542e08ac58d029d95bb00fd38b92f3a7702584562892f7427ccc3f3d97a3ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
7352eaab1c1ad1171eaa3175be0ff274
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame 58AE 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603025%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603025&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:35:03 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 58AE 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603025%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603025&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:03 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame FA0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345067
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 58AE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:03 GMT
integrator.js
adservice.google.com/adsid/ Frame 58AE 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
bc2
bc-rtb-dub.springserve.com/ Frame 543C 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bc-rtb-dub.springserve.com/bc2?r=32f071eb-f67d-4968-9077-cb5e89be7a2a-s.514171-d.528021-dc.73342&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.175.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-252-175-165.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 26 Nov 2019 15:20:03 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
i
vid-io.springserve.com/vd/ Frame 543C 		0
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io.springserve.com/vd/i?suuid=32f071eb&ps_id=514171&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.219.23 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-200-219-23.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Date
Tue, 26 Nov 2019 15:20:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
514171
vid.springserve.com/vast/ Frame C779 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.245.241.249 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-245-241-249.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d6c211b1870e04cb869334d89751c44cbf7c6c96023522ff40f08ef1587da3f0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

Date
Tue, 26 Nov 2019 15:20:03 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
910
vpaid_855affef.js
vpaid.springserve.com/production/ Frame 8774 		420 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_855affef.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1822/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
hwcdn.net
Software
AmazonS3 /
Resource Hash
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
last-modified
Fri, 22 Nov 2019 18:17:07 GMT
server
AmazonS3
x-amz-request-id
5AD82A02192E0B0E
etag
"b03e75f0c79cce2a5b914f3297f941d3"
x-hw
1574781603.dop123.fr8.t,1574781603.cds054.fr8.hc,1574781603.cds010.fr8.c
content-type
application/javascript
status
200
cache-control
max-age=2294848
accept-ranges
bytes
access-control-allow-origin
*
content-length
95929
x-amz-id-2
w7aOYBQiB1wbaziIFJipv3PYfz6eZFn23etM0yKArksBc48Q6cMciAzrDP2XXTobyJ/blkuhfMo=
oath-viewability-sdk.js
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8774 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),
Reverse DNS
Software
ATS /
Resource Hash
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 03:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475203
status
200
content-length
7868
strict-transport-security
max-age=15552000
x-amz-request-id
316821272E7A90D7
x-amz-id-2
QiyDMbk2Iv868i8GdJwru1Y+Y6r6BEIAXzkIgAn2JbztekbUHjob6TxFAO7l9novcHEx19x9Jqs=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Jan 2018 04:39:44 GMT
server
ATS
etag
"f89c71522a28b573b7e8c681892779ce-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=1209600
accept-ranges
bytes
content-type
application/javascript
/
ima3vpaid.appspot.com/ Frame 8774 		1 KB
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ima3vpaid.appspot.com/?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603587%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603587&type=js
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_855affef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
49ecc9809430b11a3a30136faf6ece755c62f2e78b6e66c2de5208ac802f83a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Origin
https://www.bleepingcomputer.com

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-cloud-trace-context
158de98ae078937c8309672c03aaae8c
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
565
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame D631 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603587%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603587&type=js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 20 Nov 2019 19:35:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14224
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:35:03 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D631 		273 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adTagUrl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F21769024953%2Fadx_video%2Fbleepingcomputer%26description_url%3Dbleepingcomputer.com%252F%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26correlator%3D1574781603587%26vpmute%3D0%26vpa%3D0%26vad_format%3Dlinear%26url%3Dbleepingcomputer.com%252F%26vpos%3Dpreroll%26ord%3D1574781603587&type=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
94888
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:03 GMT
bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 263E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.353.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
196419
date
Fri, 22 Nov 2019 15:28:56 GMT
expires
Sat, 21 Nov 2020 15:28:56 GMT
last-modified
Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
345067
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame D631 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Tue, 26 Nov 2019 15:20:03 GMT
integrator.js
adservice.google.com/adsid/ Frame D631 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 Nov 2019 15:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBw3skBUP3AH-L9cXrB-UI4&google_cver=1
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPPjdcOQuaCkaslC3-JeBaQ&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| freestar object| apd_options function| gtag object| dataLayer object| elem object| scpt function| __cmp object| google_tag_manager string| GoogleAnalyticsObject function| ga object| cnxUmm object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars undefined| _ object| fsdata function| load_script object| googletag object| fsprebid function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop object| jQuery111106795535117302101 object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| cnxPageGuid number| spp object| cnxJSONP_ff21f83237bd842cdb9f1574781590565 function| loadDeferredStyles function| raf function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _typeof function| ownKeys function| _objectSpread function| _defineProperty object| _0x3e65 function| _0x231c object| BT object| BT_PAGEVIEW_MAP object| blockthrough object| BT_RETRY object| BT_REDIRECT_RULES object| closure_memoize_cache_ function| __cmpui function| fsprebidChunk object| __core-js_shared__ function| JSEncrypt boolean| __@@##MUH object| oattr function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| apstag boolean| google_noFetch string| btID object| _atw boolean| apstagLOADED string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| cnxJSONP_32e076e2ece141ec532a1574781591943 function| btjsonpcallback1574781592329 object| cnxJSONP_426a8cafea32a12665051574781592103 object| closure_lm_115014 string| mantis_uuid object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| MoatSuperV26 object| closure_lm_170038 object| Adform object| a object| closure_lm_472379 object| closure_lm_653832 object| closure_lm_953965 object| closure_lm_667600 object| closure_lm_409456 function| cnxAddEventListener

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkoejEztL5Am7AtRiZ64-KgWrPhjSJvtXoFPC7AYMghuCVR5E2k3mhJFC33
.bleepingcomputer.com/ Name: __beaconTrackerID
Value: l063d555e

8 Console Messages

Source Level URL
Text
console-api warning URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api log URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 19)
Message:
Video gallery initializing
console-api warning URL: https://static.quantcast.mgr.consensu.org/v27/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js(Line 1)
Message:
Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api info URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411)
Message:
Powered by AMP ⚡ HTML – Version 1911070201440 https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
console-api info URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411)
Message:
Powered by AMP ⚡ HTML – Version 1911070201440 https://www.bleepingcomputer.com/news/security/silly-phishing-spotlight-login-to-unblock-microsoft-excel/
console-api warning URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 19)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CvyMomULdXfvsCYSVgAe2pYHgC-PP9Z5ahPiO2aoKv-EeEAEgx4P8AWCVAqAB0vjL4gPIAQHgAgCoAwGqBMMCT9CGCQ70zWnRYJ5b2gOBA_JF46wwf-Xutriyg0wThjxwTULlhESw2QdypSvg1OuCEhOtQALkWptvQIn41C53e5Mygc9Vdhy9c-L3LoPP6aZ1Kuef5zV_iyODrp9wSTuMX9MUbM7V3VKRP2TIuK_-QUJ0Y2l9cvimMYDdUmZ1onk_XNcecCDQUrduj9Ovpohc-WmYqux8Pt-w9sUycHjRriyqyay4j7_lMW5-bWwMrfqE6xOr2R1tY1gZx7rqYePhoGQgbG6he3fn1Bx4fsR0btjoI-La9Q2H0qzVWd47LniC5YQpRVJmH85VwYp4d-5PjDBP2CBJsCO_G6wumtR3QzzCbFMFW-XyD4lnUws33BwBMSZ8L1MpT4YUzf0QQdY_vBPlGjNK-ItNznqInjIn2L6zrDX14R3IJQ7xN7xOHJswqgrABLyM-PyGAuAEAYAHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDWiw3SCAkIgOGAEBABGB2ACgHYEwM&sigh=uj7nHlTsDg0&vt=1
console-api warning URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 19)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C76t1mULdXfnoCYSVgAe2pYHgC8iOlJpa797agNsKyrqM8b4BEAEg2tfFOWCVAqABk7SQ4wPIAQapAhFjhk5ReLI-4AIAqAMBqgTCAk_Q284ANBKN14EXcjjJ92_zSSmDbqY9VqBKoZZL98F7r8vCRUNmpKmofzmEpu8j866jvkc4G6-yZlHx67Jjr6gCJ1JUPrXlj0iue8cdmWePeqYEHhmt149flLFoUyEu0xhp8y5dolWIqBHLx3knUAtyG1MLRm4h4uglqzNd9NH-NDdsmJiYUsWN7gL89Py_Ws0yVt9cxpACkBidPMCSVMDCQr0SRmsblzTAs5H0uhTx0OhW2-2Lpq6BcpSNrougqkKKgDAEOArPQpnl6KWnsDFUoBh5CfhqexkpDxdT-jMFOgKyslZKeIjd6dmeiwmYZzsGZ81x8MB9Lk69eGcgHqytrTkuOR9lHcwDVqHyHQ6lE4GBPdOPjVgKubh43DTv8QrzIhI0Gj9Fj_YigRJIOhqgig0ExpAC4VkI2lVcHNpn4kvABO3IqqW3AuAEAaAGN4AH1cvvHKgHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAemvhuoB-zVG9gHAfIHBBDfrA_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwOIFAQ&sigh=UYr6xCJxlHQ&vt=1&template_id=492

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
a3226.casalemedia.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.zanox.com
ad4m.at
ad4mat.net
ade.googlesyndication.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
aol-match.dotomi.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
beacon-eu2.rubiconproject.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connatix.com
cdn.connectad.io
cdn.districtm.io
cdn.doubleverify.com
cdn3.doubleverify.com
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
cm.g.doubleclick.net
connatix-d.openx.net
core.connatix.com
cse.google.com
d.pub.network
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
hal9000.redintelligence.net
hal900021.redintelligence.net
hb.emxdgt.com
hbopenbid.pubmatic.com
i.connatix.com
i.connectad.io
ib.3lift.com
ib.adnxs.com
ima3vpaid.appspot.com
imasdk.googleapis.com
mantodea.mantisadnetwork.com
match.adsrvr.org
mathid.mathtag.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
quantcast.mgr.consensu.org
rtb.connatix.com
s0.2mdn.net
s1.adform.net
s7.addthis.com
s9.addthis.com
securepubads.g.doubleclick.net
static.quantcast.mgr.consensu.org
tags.mathtag.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20221.doubleverify.com
track.adform.net
trk.connatix.com
us-u.openx.net
v1.addthisedge.com
vendorlist.consensu.org
vid-io.springserve.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.awin1.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
www.vehiculum.de
z.moatads.com
cm.g.doubleclick.net
eu-u.openx.net
us-u.openx.net
104.16.190.66
104.16.68.69
104.17.120.107
104.20.60.209
104.26.12.6
13.224.196.112
13.224.196.65
13.224.196.91
13.225.78.44
13.225.78.84
13.225.86.250
136.243.54.211
138.201.84.253
146.148.127.183
151.101.114.217
151.101.13.140
151.101.14.217
152.199.22.24
172.217.16.162
172.217.22.98
172.217.23.134
178.79.175.86
18.194.62.191
18.196.104.43
18.200.219.23
185.29.133.224
185.29.133.33
185.64.189.112
185.80.38.195
195.216.249.67
2.18.233.180
2.18.233.201
2.21.36.164
213.254.244.16
213.254.244.18
23.37.55.184
23.62.137.117
2600:9000:2043:d800:1:af78:4c0:93a1
2600:9000:2156:4800:9:46dc:4700:93a1
2600:9000:21f3:800:9:46dc:4700:93a1
2606:4700:10::6814:9174
2606:4700:10::6814:9274
2606:4700:20::681a:18b
2606:4700:30::681b:b368
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2014
2a00:1450:4001:814::2002
2a00:1450:4001:815::2001
2a00:1450:4001:816::2002
2a00:1450:4001:816::200a
2a00:1450:4001:817::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81b::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:824::200e
2a02:fa8:8806:13::1430
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
3.122.1.70
3.211.1.10
34.206.108.72
34.245.241.249
34.252.175.165
34.95.120.147
35.156.206.192
35.156.98.228
35.188.71.214
35.190.94.1
35.226.36.58
37.157.2.247
37.157.4.23
37.157.6.245
37.252.173.22
52.214.34.242
52.48.102.50
52.72.165.42
54.164.73.180
54.236.131.34
69.16.175.42
69.173.144.140
69.173.144.152
72.247.225.17
72.247.225.32
72.247.225.98
72.247.226.173
72.247.226.64
85.10.231.199
91.228.74.245
03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e275c09f247f945daba3af97a258b96f820061a6699ef0a280696ad91102b8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08123daa43836577b0d5f4ed597d5be71da6a8e67d7ac40d3c705499246a1646
0bd7a9131b6eb7b7a245c266da71593e9e46c23a2e59483cd96f7b906fb9cfa9
0bfc0b3c10e61b72ae2840e06203795fdbbcd9c71d319373139ee59a8f0290d2
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e0f8d99bded628c036cbbe528726ac88dcc4ab85597e36bb926c2f61488a48e
0e831a01c9f9d2ec878d197cefe82aaad1e748af4c0b852f4f19d4a0566c8ae4
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
1022f23a95a6bf4f7fdbea9dd91e0e85a9c0a437c460ee27e43a81e65522f1a7
11c3c61a1229467b401c579d42cdb5cf2e161c570a2533384669ca703a2ef3a4
12757aacd8065f1dae7232eee05d72060f2f8de1547afe1136b9d774b262e902
1412d7245072504d1975da264074e475485b5bab1edab58938a536542a4f3dd5
166d1031506210d3723ed28f498fcc4739516be7f5ce2d98ce219f3aa43f2166
18522624c3465128e0d871a716cd3315955ffefc6a0acb9eb16dd06c09450dae
18a85343466642ec57a184aaf7ddf7b1ff8939198bdbbb6d22ee91f00bb16812
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1aff0b32a17911d706614827315e3d38bebe9f86f340d54ec9b9ca9c7306ac53
1baf016718320e8a4b278d8c53ec77df2fb1efd07c866d6be510add91d6f1d1d
1c3850c30b0caf90190a6959e82a1c4ffa3b6eb5d8ff5d2d733e23fd4e77db6e
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20d2cb2691e261ada55a9c4d60c663479277d651d9b8d6d768ede5870c3b5993
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
2363cbdace3d4db7b0ee2f0fcf42a722658814affea6c100f3679f7c21ff9e11
23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f
249193c3827d0fb6e4646050b7491f0955be7f7194a496c3e894d71119740a67
2518f67334194509d1c64f68ef973e15db3bd6bd47a0471923ffa25989fd697f
256b50a209001533a8a275b36caa7a9fe3c273f26304a421d91c5ae3394d6c49
273d06631db81b611e909c7124f43d5578960b2270c3cc49d676cce28d1a46c8
288651393313df9a06c79020f0c8c81da40f1fdec7bcadc5a323290c33153dca
29407dab7bfc70257bdb18f8f784b9c0608c69f8290b750618feee47dd1bddcc
2c38c6bd5dce47e84473fcd67e19153d498735d14c8f48596ee00f59d7633ba2
2cbf1729776f2bc7881907cec24496cbd1400eabc4ce25ee34fcf6ac12da1ad0
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3110422f30b8614d3f5af530b0c24ac6c67b7429219795176cbfeb147c92312e
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
322b0c2fa4ec751df4ea5244d4245d6ff9f05735f0d873ee55ab60e50aa5c1dd
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33d2b8e46bcf65d2550434523b2166ae01524267009f02197aa54fd9dedb07b7
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3ba6d68a3b877b1f5607cf9600430eb206a22a09f1d32acbe0e51fd64ceb18fa
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
3c26cb7b4e0f2c4ced2f63250e4f05f15578b63e4c6476c2b01b62aef8d26bb7
4038fbbb669dd742a325f15d4a130b0a0dfd8d83440673b5ad0175aeb99d27ae
435f3b941790a950ffcbbf77b354611bd92bfce90007a689296a3c65dc16a280
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4417f5df74ddb9f8e4f37efb96e9275072ed0fe7fc59dc422203eb6f18030be2
48bc0aeba2405f90eb991e0e61540c0165e2a99e40dadd594aaad56bcb3bf9bc
48f9e523c2f6b847b2cabf311c8ae090a21acffdc8e838ad990cddd3c8a43741
49ecc9809430b11a3a30136faf6ece755c62f2e78b6e66c2de5208ac802f83a1
4ad7e831f90fbcb22313b27afe3ab546fb79bf3c7b0c39ea73d8ad0ed1ba78b8
4b9881f6614ccb8b86af1d6af4882a4cb23cc577109c6ff9546ef934374a53cc
4cae697d304b6cae1bb457589d549ec39239ca1d1e32bd7201200cb7562eeb32
4e720804ff4314f1a7c70173d456594cc37b97d284072f8763294f5d1fee8d58
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
501196b547ac8238761fa5144f51baa4a7c995546f358564e91ea100bd30c805
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51f420ba4c62fe0283fd9c9f553f05154c38a19c9e88f755901b7fa67235667a
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5798dd3098256f9afde472fbdd2e24ef68ec0e5e3262d0e194ec24ae93b0b1ee
5a185dc6e1bc9d4465e26a1c41df9cbf2fa8982c3c873c7b5c49c9b9dc201e76
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5a90232ad413139dc68f4450c60790a23768e401274b54ecc08323b0affd7266
5bf800345f0de8cbd1b266df13222308b4865b24a97576c8afd0c0ed4274bf93
5c67aed7670e5089c27840eb75fc349ac508111708d933388a80253192d079df
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dd783144574bd34ebe437cdaef2aebfab1803db65134ad55ef8906da78edc7b
5f3a171bdd417038e275b697b801b5c6d3e2a71f792fe02ba379f2558739a239
5f86b19dc3848bfa004bd0d83111e5e7ef15e6e0984c12802e12f1aaa2595846
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
6175f1f2e554b22ae23db1515c988e1ec80909097272052dfa938e3641d901ed
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bfc1fe25171678703ff41c6bc38a275a4b2d50b1c0875a73b57c062e100c22d
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ea6d9943fa4e53b8fb94ac625cc55585d53f2f0ab7be659f8243fd7b75771b0
70ac0b55040fc7ec03f8d817383cb6d7ee01acc3582b60f163f35fa9c540e61c
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
73343d7c5908fe8c352daa089f212c63c5d7b5dd9a67ad3272ac26e24b4246c6
73c14e39ad93de8449f78d536c745222bf8b9a25b47e6d9b7b086e037c811f8c
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77fa233d8c9a9df15915f6663b3263d28c2d8dbba9b21ee5a30be6c85d9507eb
7955c0914dee7450ad60cc58dd8240e98537d8ece40b9b68023bd747998974d1
7a12f0eee52a176cb64f3bdb63b2784787e195bf5010155d4f64c298841026a1
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
7a53d4df190d658e52a1fbcea3fdda92433c812e35bb7a789876ff1c75ddb4bd
7c20e3e201e3d7c6821e907def1257deb544eb08578c7129b96d53bbf62d34e4
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7c5038506dacbcd8a117352de3409a7842ea9ee27c00f8f3d7ac28e469d58b46
7ce260e650fee14d5469f88fc58ab03d183bb6c081c40c2dcb053645085f177b
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7d9967dd0e2212cba7ee10ab600d2a93f23e1a64818bdca3bf6e01765e9f1fd4
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
806078b99ac2e973dd30e1112251e73c963f67c8015c27af40b73426ebf665f0
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
82cd20d35080c5648b43d784ac787314ddd55cf9db6462ee7271d50f324d1fdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846a89a05b2cc88c9a49778ca03205dd9711fc6a1ca97d3719fa1b966b4ed0d4
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
85e679f1871bb9aab4087c7aa64555fe123cdb60b009ef4b3c1815b31e1ce21c
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
88f480dd44db1bf9c97136c14e99b95082f177acdf97b972d483ecb8bd8bfd26
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a41e097be4591fa4f13e6eea4fddaa0dabfb232193ce6885653f244f2dc7a3a
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8b2e59bc809fc679c05e1b31583ce011b41ff1362edadd8e61464a034cffe410
8bbb08239fe3caae49948806a937efa2b7f89ea87f05fc5e7868fe64a2cd64a1
8bbc6b45b69f6e51a25a0444d4d9dd0bfa24ad608ec5cb2addcdfe6239c72e28
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90542e08ac58d029d95bb00fd38b92f3a7702584562892f7427ccc3f3d97a3ae
9065fec5874826cfa671a456d8d9b9266e650c566877d16562d411f22e08bd1d
91fd13d213ef266cb4fccdda1fdf5deacd3a06a2b0fc92a9239561e55032bf11
9215f51472b2915def2e834f1458c01a6b156a060af1dc72d67a6de562529b9d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92951ff2c54ef10555938539aa7b1fb88529604aba3c52bf2dbda653b51e83df
935a2df0388ae7226ffe9f5c22097de90c3752c6db85d366389e1a01f3b91bde
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
94b564eb561a1831342eadd34c97751a75353a6f4f46920b99072d3918e55923
9725704c43fa763697a109da7a90d7f64d98825280b4f052b9b2eb616ce15b9c
977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046
98f88d642acd9024773bf77b93f9546e3cd6fd8fa3d539d16f7b018e0cb513f2
9abb9e299ab0f7c2c00c20f0d5858358ffa1e7a9f835bab1798c769ff3b22777
9b25663f92420c3fca13e2ac5f616172ab535f9a40a9c2b76201e7cb9d996d3f
9b4afeef55fb756ea98174b77c46fccfa648e9765e97acdae77c47bb662f645c
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9dc6373c8601a2598028a5aed1162aa12427dad572d30889facbd42726ddf247
9e18996c315a3e343350070ad5452b442ed96417cfb3816b7dc8ec863a4b1e6e
9e36e1481ba480e4971fdf3571f6e9bd6af1a8eb24f0e4dcd480892e9027dabe
a00d8ffa45611c04d84361ae0d37d38da8be0e11dfde738f4142a97f32b752eb
a11f6f961dc2120662e3aaa900ca077b0ec2cf313860a28ae7f7a6cc50afbf57
a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a42387959fd00cf838ad744c2e385a7413d71727933da1ed451a4851724ed427
a84d56a27124f013b5124d787dd2a2c2af37f44595ab5cd1d524cd0f9cb7ac19
aa3a249cabad1f76bb1aa4325dee2bd1d9bdd736b6e07349344958162b1a0458
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ac19cd27d0df72c5ce07f3bcc9330caa63ce10a0651791a0bb5e2dd0953dcf70
acbe9cdf9d772d65eb2b250cf080d2ccdf56a84f4f0323c27c4969212398b43d
ae6d664511820e43f58c2364d402d7d88d21e490f789d2660d65c1c1b9456ed7
aebd03bb3b7ce36e1a2d313b192072e8ef4fcbcc397a1365c613a02e4b4dc93f
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1839488116b4abfd1e3cae794644fb9e5a1f1c9639a1010d2e5017be7a08131
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b3c3cececefdb390f95516a00c97c5beb3ec18f153e72e6b4a39100b0406cf1b
b7a694e249a645129d52996e2822e6472ad5919b474964895dd33b25c0c62d59
b7ed8341c69be138913b8d656f180cd0fa9a43c5579af3dcce968836d2c37e4b
b7f6b8292b0dd3f0b28d4abb927a9188c7483490fecc868765f96419808c0afe
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc0b9a471e25b8fe764d5fd2bf64cfab53e0633961da117c7460f7560cfd69a6
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c3cd2ba844c17ac117988136c03c23ffc741f87851a38e02aa0eed47897ab729
c4405054dff1040cf4914e27f544f02dc63fec0e12695ea76b7ce98b8605a7b1
c6992139579970191b8ccdc3a4737451fff363b6e6eb8c80685ab2695e503e4f
c8444ac3b0379ce828317141c6128d128bcd5418ad3e4e9bd1be1ecadccc1095
c86030d5bc831b022c436556681fafb5e98c647d3df39333bd5cccb478db090b
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
ca4f0a5d8c912140811de513da53c06da21a5c60ad8c0331cc41bfc094d080db
cdfcbd26b58ca5277b266b7696abaf66b640db2fa853240817266ef07f99f724
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
d24aa150c8e684dc61526472cb0f821d6fe952ec5b0713ee4d6fa7697d27d608
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d
d483fbfc12cb1c539c26c9bb0c64ee971bbaaff41e5afba77caf5f2c80d429cb
d60eed120f3d03e477e8d7a5281069d4a31b32e5abecf1c8318dcd360ddeba3e
d6391d747f867408f4a197c27abbd9b1cba213a5455f808a83e28cc02b7010ae
d6c211b1870e04cb869334d89751c44cbf7c6c96023522ff40f08ef1587da3f0
d7350344f13299c5afa6659905e3333c67ff3c0e427694fee3b877ab9bbf5bce
d83452998b9ea08e11d7aa2890d6df04397a0709fb15555c9f6c8ae1a03d4835
d9b1994b724c80fe16153005ecb0d6e7644d8466088af4f96fb76d3230415125
da3c5fc5e59d2a359058a9cd16950020a8e18d6026a404ad480255c5e6d7fa23
da445026801d9f140fa8a646834ff3a1a0ffbf55b8c6d76d193b02279d1bd013
dac702bbb288a8038c909915b51f4423c7c52826395f824682a0218935f240b1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ddbb0c0602f72da31f211dbfdef948d03ddfb077f1e08d8ea27278ba12e4edc2
def709ba515a22127c4da36701315c859ff8a1445c2aaae4b899432df9e38041
e007b54bc657b5d1c5be45950c6905b1354526a02ed811d86225d58e639a942e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
e5217e9f4eabe859d6c69662fc025af50029c4b371dc2aea3f9c19a4d1a600a1
e551f32a07496f7eaf97cb41190c0fb4c99a8e162f49677361e1aa9fd66fb39d
e58542cacf97175fab0a0e3d7a8252b93bc57652dc2520650388317cefd5f726
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e93d7c0e002dc1de88fdc23226c0c61e5cd2b5e672c5337d4b5d73b8db3a3717
eb3986a9d06585054dc84ba96f83b685c5a67527f4cdd2cdb4dfc75d49f5759f
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ed659a77fdd28a80a4c84933f79862ea9921cbe5ef5f1cba94ba4ee8e719b203
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f0529cc7165f04b9d0d90eba1650ab32f1b8ffc911dc3c5b45b959b4784abaa5
f118bd1c464439f4795dfcee905e400ca35fde3eb1d6f0ddb6c6ff88ac6e0103
f14661cb98a5e994c67e46c794be967115e8450cb91e02e6a416950c92dd0c3b
f227d60ead1b174874c6f16071e0cedb6001bdb73679c1627457851ff877319e
f3b1cbcae30c3333030ae6e8aaab4f25aef478a5428f29510ee632c750f5decf
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
fbc9d2cd46d0907850eb41c367778541b469ada82a65d7698ea256ca25bcd3ca
fe41724c33b76fe8d8c5a8841d4286991a555d81f0a1bc6bb0dbed3b4f6192c4
feb00c371b08777227888978a718fb8cec317184cbdbd263c1fd58cc73919137
ff1e65d5292ac70fa0ceaf87d04313c975d6299e212e0274d3d0362b218ccab8