www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/qbeKCgJyxgH8nxgMsZ5zbl?domain=bleepingcomputer.com
Effective URL:
https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Submission: On February 03 via api (February 3rd 2020, 6:52:19 pm UTC) from US

Summary HTTP 568 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 61 IPs in 7 countries across 40 domains to perform 568 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.113 205.139.111.113	30031 (MIMECAST-) (MIMECAST-)
1	104.20.59.209 104.20.59.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
35	104.26.12.6 104.26.12.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.71.236.117 212.71.236.117	63949 (LINODE-AP...) (LINODE-AP Linode)
8	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:5800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	172.217.22.70 172.217.22.70	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.214.2 143.204.214.2	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:a800:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.88.18.195 54.88.18.195	14618 (AMAZON-AES) (AMAZON-AES)
10	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1	13.35.253.57 13.35.253.57	16509 (AMAZON-02) (AMAZON-02)
6	143.204.213.153 143.204.213.153	16509 (AMAZON-02) (AMAZON-02)
5	35.226.134.247 35.226.134.247	15169 (GOOGLE) (GOOGLE)
4	35.157.40.44 35.157.40.44	16509 (AMAZON-02) (AMAZON-02)
9	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
25	52.29.78.64 52.29.78.64	16509 (AMAZON-02) (AMAZON-02)
9	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
10 26	152.199.21.89 152.199.21.89	15133 (EDGECAST) (EDGECAST)
34	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	52.45.66.51 52.45.66.51	14618 (AMAZON-AES) (AMAZON-AES)
2	13.35.253.87 13.35.253.87	16509 (AMAZON-02) (AMAZON-02)
30	34.247.198.69 34.247.198.69	16509 (AMAZON-02) (AMAZON-02)
9	3.213.93.144 3.213.93.144	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.214.119 143.204.214.119	16509 (AMAZON-02) (AMAZON-02)
1	52.1.207.152 52.1.207.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.113.140 151.101.113.140	54113 (FASTLY) (FASTLY)
30	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
39	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
30	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
30	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
29	34.252.47.177 34.252.47.177	16509 (AMAZON-02) (AMAZON-02)
4	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
29	52.211.26.131 52.211.26.131	16509 (AMAZON-02) (AMAZON-02)
7	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
4	35.157.209.134 35.157.209.134	16509 (AMAZON-02) (AMAZON-02)
4	95.100.196.237 95.100.196.237	16625 (AKAMAI-AS) (AKAMAI-AS)
4	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
568	61

2 205.139.111.113 (United States) 2 redirects

ASN30031 (MIMECAST-, US)

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.117 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-117.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f70.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-2.fra53.r.cloudfront.net

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:a800:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.18.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-18-195.compute-1.amazonaws.com

core.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.57 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-57.fra6.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.213.153 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-213-153.fra53.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.226.134.247 (United States)

ASN15169 (GOOGLE, US)
PTR: 247.134.226.35.bc.googleusercontent.com

prebid.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.40.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.29.78.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 152.199.21.89 (United States) 10 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.66.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-66-51.compute-1.amazonaws.com

rtb.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-87.fra6.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 34.247.198.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.213.93.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-93-144.compute-1.amazonaws.com

trk.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-119.fra53.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.207.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-207-152.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 34.252.47.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com

bc-rtb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.211.26.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com

vid-io.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.209.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.100.196.237 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-196-237.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
118	springserve.com vid.springserve.com vpaid.springserve.com bc-rtb-dub.springserve.com vid-io.springserve.com	3 MB
72	adnxs.com ib.adnxs.com acdn.adnxs.com	68 KB
35	bleepstatic.com www.bleepstatic.com	259 KB
34	dotomi.com web.hb.ad.cpe.dotomi.com	12 KB
30	sonobi.com apex.go.sonobi.com	18 KB
30	vidible.tv cdn-ssl.vidible.tv	233 KB
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	296 KB
26	advertising.com 10 redirects adserver-us.adtech.advertising.com	9 KB
25	sharethrough.com btlr.sharethrough.com	3 KB
21	connatix.com cdn.connatix.com cdns.connatix.com ck.connatix.com core.connatix.com rtb.connatix.com i.connatix.com trk.connatix.com	549 KB
16	ampproject.org cdn.ampproject.org	317 KB
16	doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net	107 KB
14	pub.network a.pub.network d.pub.network prebid.pub.network c.pub.network	227 KB
10	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	66 KB
9	districtm.io dmx.districtm.io cdn.districtm.io	859 B
8	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	13 KB
8	3lift.com tlx.3lift.com eb2.3lift.com	2 KB
8	gstatic.com fonts.gstatic.com	87 KB
7	openx.net freestar-d.openx.net Failed eu-u.openx.net u.openx.net	1 KB
7	google.com 4 redirects www.google.com cse.google.com adservice.google.com	2 KB
6	amazon-adsystem.com c.amazon-adsystem.com	30 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org api.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	139 KB
5	googleapis.com fonts.googleapis.com	3 KB
4	casalemedia.com as-sec.casalemedia.com	4 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	78 KB
3	googletagservices.com www.googletagservices.com	71 KB
3	addthis.com s9.addthis.com s7.addthis.com	189 KB
2	reddit.com www.reddit.com	958 B
2	facebook.com graph.facebook.com	1023 B
2	ad-delivery.net ad-delivery.net	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	mimecast.com 2 redirects protect-us.mimecast.com	1 KB
1	cdnjquery.com cluster-na.cdnjquery.com	359 B
1	addthisedge.com v1.addthisedge.com	855 B
1	moatads.com z.moatads.com	1 KB
1	videoplayerhub.com freestar-io.videoplayerhub.com	24 KB
1	google.de adservice.google.de	171 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	bleepingcomputer.com www.bleepingcomputer.com	15 KB
568	40

	Domain	Requested by
68	ib.adnxs.com	a.pub.network vpaid.springserve.com
35	www.bleepstatic.com	www.bleepingcomputer.com cdn.connatix.com www.bleepstatic.com
34	web.hb.ad.cpe.dotomi.com	a.pub.network vpaid.springserve.com
30	apex.go.sonobi.com	vpaid.springserve.com
30	cdn-ssl.vidible.tv	vpaid.springserve.com
30	vpaid.springserve.com	cdns.connatix.com
30	vid.springserve.com	cdns.connatix.com
29	vid-io.springserve.com	vpaid.springserve.com
29	bc-rtb-dub.springserve.com	vpaid.springserve.com
26	adserver-us.adtech.advertising.com	10 redirects www.bleepingcomputer.com a.pub.network
25	btlr.sharethrough.com	a.pub.network
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bleepingcomputer.com confiant-integrations.global.ssl.fastly.net cdn.ampproject.org
16	cdn.ampproject.org	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
9	trk.connatix.com	www.bleepingcomputer.com
9	fastlane.rubiconproject.com	a.pub.network
8	fonts.gstatic.com	www.bleepingcomputer.com www.bleepstatic.com cdn.ampproject.org
7	i.connatix.com	www.bleepingcomputer.com
6	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
5	dmx.districtm.io	a.pub.network
5	prebid.pub.network	a.pub.network
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	www.google.com	4 redirects www.bleepingcomputer.com
5	fonts.googleapis.com	www.bleepingcomputer.com confiant-integrations.global.ssl.fastly.net
4	ads.pubmatic.com	a.pub.network
4	cdn.districtm.io	a.pub.network
4	acdn.adnxs.com	a.pub.network
4	eb2.3lift.com	a.pub.network
4	c.pub.network	a.pub.network
4	as-sec.casalemedia.com	a.pub.network
4	hbopenbid.pubmatic.com	a.pub.network
4	tlx.3lift.com	a.pub.network
4	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
3	eu-u.openx.net	a.pub.network
3	confiant-integrations.global.ssl.fastly.net	a.pub.network confiant-integrations.global.ssl.fastly.net
3	freestar-d.openx.net	a.pub.network
3	www.googletagservices.com	a.pub.network pagead2.googlesyndication.com www.bleepingcomputer.com
3	d.pub.network	a.pub.network
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	ad-delivery.net	freestar-io.videoplayerhub.com www.bleepingcomputer.com
2	s7.addthis.com	s9.addthis.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	a.pub.network	www.bleepingcomputer.com a.pub.network
2	protect-us.mimecast.com	2 redirects
1	u.openx.net	a.pub.network
1	eus.rubiconproject.com	a.pub.network
1	cluster-na.cdnjquery.com	freestar-io.videoplayerhub.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	rtb.connatix.com	cdns.connatix.com
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	core.connatix.com	cdns.connatix.com
1	v1.addthisedge.com	s9.addthis.com
1	z.moatads.com	s9.addthis.com
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	freestar-io.videoplayerhub.com	a.pub.network
1	ad.doubleclick.net	www.bleepingcomputer.com
1	ck.connatix.com	cdns.connatix.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	quantcast.mgr.consensu.org	www.bleepstatic.com
1	cdns.connatix.com	cdn.connatix.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
1	cdn.connatix.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
568	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
www.proofpoint.com
connatix.com

Subject Issuer	Validity	Valid
bleepingcomputer.com COMODO RSA Domain Validation Secure Server CA	`2018-05-12` - `2020-05-17`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-11` - `2020-10-09`	a year	crt.sh
j3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-30` - `2021-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2020-06-12`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2020-05-16`	a year	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.connatix.com Amazon	`2019-10-19` - `2020-11-19`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.sharethrough.com Amazon	`2019-10-07` - `2020-11-07`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
ad.cpe.dotomi.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-05-25` - `2020-05-25`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
*.springserve.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-01-30` - `2020-07-28`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
www.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 60 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Frame ID: 90B6581A6CB680E96A067425621C8399
Requests: 212 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Frame ID: 47F8475C44F0C9E223F2D4F71F5542E2
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/zrt_lookup.html
Frame ID: 17FFE8C9AD994604E6E60B1007CC8A17
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Frame ID: 58F718399B80DA2F3BB8B8F69DF5D20A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1580577649&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580755918378&bpp=6&bdt=294&fdt=119&idt=119&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=197018818604&frm=20&pv=2&ga_vid=441282633.1580755919&ga_sid=1580755919&ga_hid=1313324114&ga_fc=0&iag=0&icsg=598134369558528&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=4310104344317423&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=630
Frame ID: 8EF67445334C744D044BE869862A98F4
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 71C44716108CA2C6350824F8F5D2DB1E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 827601F98842B636700757CDEBB17ED3
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: E49928856A5CCEAFAE9BD36E1EE45B02
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 0C45383E3FC69B546F80AA3E4442573E
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlhXBrBiRyyElygq_EHotuy0kxln2k7aIV5aq4D01aoMBPcz5eKuu0di9oKwac8imSNSrtbMT9SKtfgOSsvjyI2UdQwEwKoOQn4inXnyzKN5udIymK4_I7A7OjChDHV-olG8LOUzBPD4lLFdJfB0yNs-CsvU94wmkcNweUP6tDHGlyIz7x39cxdNi9pf6cTKDMVFTRjh1hGABajA47igX2CiJr9o1oTt0xpFr5aa3JiWgsy6839XtX2QDHuP4uN9X7SQfW0DIzHPMBxXREjT1cpGoKlDYPgEM8&sig=Cg0ArKJSzCwBjZnKUZbSEAE&urlfix=1&adurl=
Frame ID: 9C9EB32065C88679EEF778B5426EAEA3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 57134BF0B6297C389898DE703FDAF563
Requests: 20 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F1D54027D5815898DFEB55A871E8D087
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 39BBCF1D118E183A3122CE39B2AF82A2
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6197970DF2943596C08A57C3D88DB618
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3D0C74EC6830D601DE99A93C9C9F6417
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: FE57B8363854A5C8CC3B3577BB645577
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 09D2DAB0288DB2EC73B08A455BBCE567
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 78B78B562B924F8FF55DB3B15DFDAE48
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 11485CA4FDE5896F432B8584EB6286B4
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 52EE8F9117CEA5BC5B39339FF3B1A866
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: 7D77963EA190A76F938588B2BB8F9C1A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 983EC5E55522749CD55F6AC8DFC11FA1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 29F50843C33CD8CD6BBE39CBDBB82EB7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: AD3343E5C36A649CD25986D5E321E8BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 8CDDDCB370D44AD4E454F84C6F039B9D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8AF09E3B09CB2FCFB34840C93BB6E221
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8324BA02A5845E0609E0361878A95374
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7BC292723DE0BC35AA04DC835B0DFF34
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2800C81C17B2A19445B4C9F5F660A2FE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 82CBF96986CBF6DF0B887C156EF1C3AA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 91607C58C4F12B821F64CB010D107EFA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: C9EF32D468E1EF8D60516609B916E6DC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: BF7232A5C9384910014AFE484DDE9D42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 40C6EDBEE144D17637B1FBC7BAC5D8A1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Frame ID: DB032D4FA17B6CF54D4915FF8AA51F3D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 2833FB63F29991EC9020E9D093B717C6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D14DF22A7B04753F3C2B78A7598C151B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DA666E5951CBC2E3AE920CA36215768D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0F9848D7D67D04A6AE329BC5A4ABC86F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: D9D838AAD5EF720FA8C2FA0E3A8B2C3D
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 0316012FEA8B028F3D9C06C1D2986B89
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: E5AAF6E447C2A56C1924E7CEDC34693F
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F1C381F1AF244620E07701B6F6B54C8E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 38FC757793125E8C1443C4DECCD957DD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6C9954A7F2635BE45A927B332F9235F6
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 8FDD0A15C37C52BA3530A3F64781DEE6
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: C318A711986E6E126B6BD818759782C8
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: EF73FFF77FC4007CEED2EDA672631664
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 8E91C6E71E0334DCD2C364D36DCAD286
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 2C829EE145E603BD6D3ABD62B35C2BD9
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 5DA67F9E92A3A1BEE62F05353063DA65
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3E70F302F5AD35B45EDF11C3A585A66E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 066168EE34DBB5A3350DF2C232710BC1
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 84D5F9019AB761573DD26A79413674FF
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: A3B9C6F1BDA55FFABE5CF58B8FE602D5
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: E75BCD0657572D252085AEBBB60187CD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 655F4759A8AECD5CDC67495CEE384BF0
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 357E597FA91638200FBB2AC9FC6673BD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: A883912055AE6C67CDB295B40DDC6E3C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 66E8762ABFABAB95178F6AC16875BCF5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://protect-us.mimecast.com/s/qbeKCgJyxgH8nxgMsZ5zbl?domain=bleepingcomputer.com HTTP 307
https://protect-us.mimecast.com/redirect/eNpVUstu2zAQ_BWBZ1Ei9bBlneIk7anNIU1uAgSa2tisHiTIVQSjyL93pRgIAgjUYjg... HTTP 307
https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

568
Requests

97 %
HTTPS

31 %
IPv6

40
Domains

69
Subdomains

61
IPs

7
Countries

5753 kB
Transfer

20254 kB
Size

5
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel
Title: Microsoft Security Intelligence

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/threat-actor-profile-ta505-dridex-globeimposter
Title: 1

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/leaked-ammyy-admin-source-code-turned-malware
Title: 2

Search URL Search Domain Scan URL

URL: https://connatix.com/
Title: .st0{fill:#FFFFFF;}.st1{fill:#0099FF;}

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/trat-new-modular-rat-appears-multiple-email-campaigns
Title: RATs

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-prepare-more-part-1-marap
Title: malware downloaders

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/ta505-abusing-settingcontent-ms-within-pdf-files-distribute-flawedammyy-rat
Title: 1

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/ta505-targets-us-retail-industry-personalized-attachments
Title: 2

Search URL Search Domain Scan URL

URL: https://twitter.com/kafeine
Title: Kafeine at ProofPoint

Search URL Search Domain Scan URL

URL: https://www.proofpoint.com/us/threat-insight/post/servhelper-and-flawedgrace-new-malware-introduced-ta505
Title: FlawedGrace

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1222995270587150337
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1222995271530864640
Title: here

Search URL Search Domain Scan URL

URL: https://twitter.com/serghei

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/qbeKCgJyxgH8nxgMsZ5zbl?domain=bleepingcomputer.com HTTP 307
https://protect-us.mimecast.com/redirect/eNpVUstu2zAQ_BWBZ1Ei9bBlneIk7anNIU1uAgSa2tisHiTIVQSjyL93pRgIAgjUYjgz2NnlP-a1Q1YzZ62fVHKepw6cGgZzp-0U5gHVhEnf-0TbkcVssJrVImYeNBiHaEZgtSwrsS92WbkTYr0jvyxmEExHRVEdqrI6iH3McMQn25GACbEjM-OolEWVyF2ekAn9K4LdpsuLmM1-IMYF0YW6SZt0WZbkNAA4M52pHzcjbI016QRLaNIAevYGr006Gu1tsG_IO0DQGDgxOKpSlHxUw6I8cIWodB-4eiMbHi7WIz95UH2TUhewTuXcag7tHIRspZTte0cnz9qH1z9HKYtjnrWZyAR9ss2IRj6j5BSO56LYl0V-2HI6RUNjXyKClF7tHy6g-9fnXwRoUtsRvP4c0DdymDpPGF6oOewmdWcdmvfbRjycjZ3WDXq7JuVzSEZai1YBb5Qwn_4S4WXTPz4do8_q_sfxJXpUZrjWUfQTTn5W_hqJPI7WUGzb129LD4K0t2zs4z-6O6-l HTTP 307
https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 104

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923

Request Chain 105

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923

Request Chain 107

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923

Request Chain 109

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923

Request Chain 110

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923

Request Chain 114

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923

Request Chain 115

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923

Request Chain 189

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873

Request Chain 190

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873

Request Chain 191

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873

Request Chain 246

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 249

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

568 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Redirect Chain

https://protect-us.mimecast.com/s/qbeKCgJyxgH8nxgMsZ5zbl?domain=bleepingcomputer.com
https://protect-us.mimecast.com/redirect/eNpVUstu2zAQ_BWBZ1Ei9bBlneIk7anNIU1uAgSa2tisHiTIVQSjyL93pRgIAgjUYjgz2NnlP-a1Q1YzZ62fVHKepw6cGgZzp-0U5gHVhEnf-0TbkcVssJrVImYeNBiHaEZgtSwrsS92WbkTYr0jvyxmEExH...
https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

67 KB
15 KB

682ms
628ms

Document
text/html

104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cbd4e42c31b91a389b1a40d7ee3da0eb267af8ba8cfb5e8f34f12925743963

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Mon, 03 Feb 2020 18:51:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1e0dbf720007ce689808c007d0b86fb21580755917; expires=Wed, 04-Mar-20 18:51:57 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=29d7e3f2337f3c995ae440a56f822680; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=7673; expires=Wed, 04-Mar-2020 18:51:57 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Sat, 01 Feb 2020 17:20:49 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55f699642de4ce1f-LHR
content-encoding: br

Redirect headers

Location: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Cache-control: no-store
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Date: Mon, 03 Feb 2020 13:51:57 -0500
Connection: Keep-Alive

GET
H2 200 css
fonts.googleapis.com/ 14 KB
905 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6265788182730e69c40e24d29a7ef28046a82c2f25620bae0999ba621effad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 18:51:58 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 18:51:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 127ms
77ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6063
cf-polished: origSize=137522
status: 200
cf-bgj: minify
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699686a08e688-LHR
expires: Sat, 23 Mar 2019 05:29:58 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 51 KB
9 KB 81ms
32ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 568226
cf-polished: origSize=60842
status: 200
cf-bgj: minify
last-modified: Thu, 16 Aug 2018 15:28:40 GMT
server: cloudflare
etag: W/"4249134023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699686a0be688-LHR
expires: Tue, 12 Nov 2019 07:00:33 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 103ms
54ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5853
cf-polished: origSize=14998
status: 200
cf-bgj: minify
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699686a0de688-LHR
expires: Thu, 28 Mar 2019 00:17:49 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 80ms
31ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 4955
cf-polished: origSize=32905
status: 200
cf-bgj: minify
last-modified: Tue, 26 Nov 2019 02:56:16 GMT
server: cloudflare
etag: W/"400467278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699686a10e688-LHR
expires: Tue, 31 Dec 2019 03:31:34 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 105ms
56ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
age: 6516
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 55f699686a11e688-LHR
access-control-allow-origin: *
expires: Tue, 07 Jan 2020 05:59:39 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
533 B 80ms
31ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 4988
cf-polished: origSize=247
status: 200
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699686a12e688-LHR
expires: Thu, 19 Dec 2019 04:54:08 GMT

GET
H2 200 connatix.renderer.infeed.min.js Show response
cdn.connatix.com/min/ 957 B
1 KB 135ms
40ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ff71b2aecc5b02b6c38f7e1340770f51d853df99281640581c4552b215c1985b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
content-type: application/javascript
status: 200
x-referer-host: bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1580755918.196810,VS0,VE0
content-length: 957
retry-after: 0
x-served-by: cache-hhn4074-HHN

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 3 KB
1 KB 54ms
54ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6119
cf-polished: origSize=3848
status: 200
cf-bgj: minify
last-modified: Thu, 07 Feb 2019 13:49:44 GMT
server: cloudflare
etag: W/"3981350888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f69968aa9ae688-LHR
expires: Thu, 07 Nov 2019 07:15:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37cd8a7ca7f3c71f17f8744852f97c5a6bc9defdd52c22178ab4c704dcb72378

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28425
x-xss-protection: 0
last-modified: Mon, 03 Feb 2020 18:30:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 32ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 221591
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
cf-bgj: imgq:85
content-length: 1152
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699690c2ce688-LHR
expires: Mon, 02 Mar 2020 05:18:47 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
2 KB

93ms
6ms

Script
text/javascript

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 31
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1181
x-xss-protection: 0
expires: Mon, 03 Feb 2020 19:21:27 GMT

Redirect headers

date: Mon, 03 Feb 2020 18:51:58 GMT
x-content-type-options: nosniff
server: sffe
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 266
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
37 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16d93f8991abc2b531c7c1f5e54bf6f8b941ee9595ebcf61370ee0b9d1047fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37759
x-xss-protection: 0
server: cafe
etag: 16823016256562014463
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
485 B 30ms
29ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 331807
cf-polished: origFmt=png, origSize=475
status: 200
content-disposition: inline; filename="twitter.webp"
cf-bgj: imgq:85
content-length: 282
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699690c2de688-LHR
expires: Sat, 29 Feb 2020 22:41:51 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 33ms
32ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6063
cf-polished: origSize=65813
status: 200
cf-bgj: minify
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699690c2fe688-LHR
expires: Tue, 26 Mar 2019 04:15:43 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 31ms
30ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
age: 6027
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 55f699690c28e688-LHR
access-control-allow-origin: *
expires: Wed, 01 Jan 2020 06:03:54 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
1 KB 31ms
30ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6063
cf-polished: origSize=3600
status: 200
cf-bgj: minify
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699690c32e688-LHR
expires: Wed, 01 Jan 2020 06:03:55 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
9 KB 49ms
49ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 568204
cf-polished: origSize=48706
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f699690c34e688-LHR
expires: Tue, 03 Mar 2020 05:01:54 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 36ms
34ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
age: 4692
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 55f699690c2be688-LHR
access-control-allow-origin: *
expires: Thu, 19 Dec 2019 04:53:37 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 349 KB
113 KB 257ms
176ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Mon, 03 Feb 2020 18:51:58 GMT
x-host: s9.addthis.com
content-length: 114924

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 441 KB
117 KB 239ms
203ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862f9054c5c3227ef21f89903cabef9ab111a1bc9ad139211865097eaaeea3b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
status: 200
x-guploader-uploadid: AEnB2UqnFzBwZ_Wb_XvprM78Oem5qrndVS469tm-67FXbJqtb9j95KJQe8oeJAGm_XCaUpoIk2aun03r-qTa97gbSF2KMb965Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 31 Jan 2020 22:29:53 GMT
server: cloudflare
etag: W/"9f999092d4aff69ca36da0f609e11c21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=C8tM6Q==, md5=n5mQktSv9pyjbaD2CeEcIQ==
content-type: application/javascript
x-goog-generation: 1580509793522946
cache-control: public, max-age=1800
x-goog-stored-content-length: 451579
cf-ray: 55f699693d7e96f2-FRA
expires: Mon, 03 Feb 2020 18:52:58 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 96ms
24ms Script
application/javascript 212.71.236.117
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.117 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-117.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:57:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Mon, 03 Feb 2020 19:57:49 GMT

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
376 B 28ms
28ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 330094
cf-polished: origFmt=png, origSize=187
status: 200
content-disposition: inline; filename="login_bg.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699691c42e688-LHR
expires: Sat, 29 Feb 2020 23:10:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 198986
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 324099
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
234 B 33ms
33ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 331097
cf-polished: origFmt=png, origSize=83
status: 200
content-disposition: inline; filename="nav_bg.webp"
cf-bgj: imgq:85
content-length: 72
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699692c89e688-LHR
expires: Sat, 29 Feb 2020 22:53:41 GMT

GET
H2 200 connatix.renderer.infeed.min_dc.js Show response
cdns.connatix.com/p/1882/min/ Frame 47F8 722 KB
189 KB 39ms
37ms Script
application/x-javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3273b2097367a935a67aae72700bf31790831e30e37ff27150460fbd54975e73

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
age: 3256
x-cache: HIT, HIT
status: 200
content-length: 192765
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-dca17738-DCA, cache-hhn4074-HHN
last-modified: Mon, 03 Feb 2020 17:55:13 GMT
x-timer: S1580755918.270816,VS0,VE0
etag: "0bbe930b32c2989c3868db6cd5f9f159"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 2144

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 222 KB
60 KB 80ms
9ms Script
text/javascript 2600:9000:2057:5800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:5800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:46:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 20:13:43 GMT
server: AmazonS3
age: 1684
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CU5-AWs7Uy_2MMWmitpybOinqeTNXVV4k5XTD8U8fP_9HKuQPcXANQ==
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
590 B 32ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 331951
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
cf-bgj: imgq:85
content-length: 422
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694cede688-LHR
expires: Sat, 29 Feb 2020 22:39:27 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
397 B 31ms
30ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 108675
cf-polished: origFmt=png, origSize=129
status: 200
content-disposition: inline; filename="calendar.webp"
cf-bgj: imgq:85
content-length: 86
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694cf1e688-LHR
expires: Tue, 03 Mar 2020 12:40:43 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
566 B 35ms
34ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 75747
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
cf-bgj: imgq:85
content-length: 252
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694cf5e688-LHR
expires: Tue, 03 Mar 2020 21:49:31 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
290 B 31ms
30ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 329544
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
cf-bgj: imgq:85
content-length: 96
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694cf8e688-LHR
expires: Sat, 29 Feb 2020 23:19:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 17 Jan 2020 17:12:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1474782
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:12:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 17 Jan 2020 17:18:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1474383
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:18:55 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
520 B 29ms
29ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 330667
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
cf-bgj: imgq:85
content-length: 256
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694d00e688-LHR
expires: Sat, 29 Feb 2020 23:00:51 GMT

GET
H2 200 71f54ec34151fbdfe89e478d7b6e5ddf.jpg
www.bleepstatic.com/author/photos/ 5 KB
5 KB 32ms
32ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/71f54ec34151fbdfe89e478d7b6e5ddf.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 5910
cf-polished: origSize=6170, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 4965
last-modified: Wed, 02 Jan 2019 02:04:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694d05e688-LHR
expires: Fri, 13 Sep 2019 08:00:58 GMT

GET
H2 200 before-bg.png
www.bleepstatic.com/images/site/ 116 B
300 B 36ms
36ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/before-bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 329362
cf-polished: origFmt=png, origSize=1026
status: 200
content-disposition: inline; filename="before-bg.webp"
cf-bgj: imgq:85
content-length: 116
last-modified: Fri, 29 May 2015 07:08:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694d0ce688-LHR
expires: Sat, 29 Feb 2020 23:22:35 GMT

GET
H2 200 news-icon-01.png
www.bleepstatic.com/images/site/ 240 B
407 B 31ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news-icon-01.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1af15b17fd7099b2d3a81a8b3aeffd94b26d2c1a58489c3903e11ec5a4896d3

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 329362
cf-polished: origFmt=png, origSize=1204
status: 200
content-disposition: inline; filename="news-icon-01.webp"
cf-bgj: imgq:85
content-length: 240
last-modified: Fri, 29 May 2015 07:09:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694d10e688-LHR
expires: Sat, 29 Feb 2020 23:22:36 GMT

GET
H2 200 link-icon.png
www.bleepstatic.com/images/site/comments/ 494 B
660 B 29ms
28ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comments/link-icon.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef3d32ea9a9fa05f8170d164890b55e15ce39157bb9ae7e96b047c1996d22a8b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 322621
cf-polished: origFmt=png, origSize=787
status: 200
content-disposition: inline; filename="link-icon.webp"
cf-bgj: imgq:85
content-length: 494
last-modified: Fri, 25 Sep 2015 17:29:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699694d13e688-LHR
expires: Sun, 01 Mar 2020 01:14:57 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
308 B 26ms
25ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 331807
cf-polished: origFmt=png, origSize=72
status: 200
content-disposition: inline; filename="h4-bg.webp"
cf-bgj: imgq:85
content-length: 38
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699697dc0e688-LHR
expires: Sat, 29 Feb 2020 22:41:51 GMT

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
498 B 25ms
25ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 1013254
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699697dc1e688-LHR
expires: Sat, 22 Feb 2020 01:24:24 GMT

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 110 B
257 B 28ms
27ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 332279
cf-polished: origFmt=png, origSize=186
status: 200
content-disposition: inline; filename="news_footer_icon.webp"
cf-bgj: imgq:85
content-length: 110
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f699699e1ee688-LHR
expires: Sat, 29 Feb 2020 22:33:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 1105
date: Mon, 03 Feb 2020 18:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Mon, 03 Feb 2020 20:33:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/ 221 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e690f18638c83525e33be4e49f8deeff36facbb6625f1cc60db0fc4aad7c2f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84597
x-xss-protection: 0
server: cafe
etag: 18144207304837346261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/ Frame 17FF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200131/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200131/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 31 Jan 2020 07:27:31 GMT
expires: Fri, 14 Feb 2020 07:27:31 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 300267
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 Microsoft_Security_Intelligence.jpg
www.bleepstatic.com/content/hl-images/2019/11/07/ 64 KB
64 KB 31ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/11/07/Microsoft_Security_Intelligence.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb1007124f3d39e54bf351f37bb6f6239ade907a384964fe51bf14e12dfebb10

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 1631212
cf-polished: qual=85, origFmt=jpeg, origSize=105218
status: 200
content-disposition: inline; filename="Microsoft_Security_Intelligence.webp"
cf-bgj: imgq:85
content-length: 65124
last-modified: Thu, 07 Nov 2019 21:47:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f6996a0fa8e688-LHR
expires: Fri, 14 Feb 2020 21:45:06 GMT

GET
H2 200 292x176_Coronavirus-Phishing_(2).jpg
www.bleepstatic.com/content/hl-images/2020/01/31/thumb/ 9 KB
9 KB 28ms
27ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2020/01/31/thumb/292x176_Coronavirus-Phishing_(2).jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e0211d5dea8bb654f84e725029eb04d5da912943af3fc207f7fd3b89fff44cf

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 83900
cf-polished: qual=85, origFmt=jpeg, origSize=9568
status: 200
content-disposition: inline; filename="292x176_Coronavirus-Phishing_(2).webp"
cf-bgj: imgq:85
content-length: 8954
last-modified: Fri, 31 Jan 2020 23:11:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f6996a0fabe688-LHR
expires: Tue, 03 Mar 2020 19:33:37 GMT

GET
H2 200 292x176_spamhaus-phishing.jpg
www.bleepstatic.com/content/posts/2020/02/01/thumb/ 4 KB
4 KB 43ms
43ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/posts/2020/02/01/thumb/292x176_spamhaus-phishing.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b80abddb430ca9804d794bff7ab297089d2744b5ad364d2e6b0fcfd5bb8ccf5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
age: 49911
cf-polished: qual=85, origFmt=jpeg, origSize=4712
status: 200
content-disposition: inline; filename="292x176_spamhaus-phishing.webp"
cf-bgj: imgq:85
content-length: 3744
last-modified: Sat, 01 Feb 2020 19:15:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f6996a0fb0e688-LHR
expires: Wed, 04 Mar 2020 05:00:07 GMT

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 42ms
41ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 568203
cf-polished: origSize=4895
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f6996a0fb1e688-LHR
expires: Tue, 03 Mar 2020 05:01:55 GMT

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 41ms
40ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 6171
cf-polished: origSize=26776
status: 200
cf-bgj: minify
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 55f6996a0fb3e688-LHR
expires: Thu, 07 Nov 2019 07:15:15 GMT

GET
H2 200 g Show response
ck.connatix.com/ 46 B
235 B 136ms
42ms Script
text/plain 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.connatix.com/g?callback=cnxJSONP_88cf080724d8d1eca5bb1580755918412
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 1efd7c56b531aabe0d2787b3e6434c4e83a138669a018df4fd544cd326486c34

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
status: 200
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1580755919.523905,VS0,VE0
content-length: 46
retry-after: 0
x-served-by: cache-fra19166-FRA

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
455 B 103ms
34ms Image
image/x-icon 172.217.22.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f70.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 16:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8308
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 04 Feb 2020 16:33:30 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1313324114&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ul=en-us&de=UTF-8&dt=Microsoft%20Detects%20New%20TA505%20Malware%20Attacks%20After%20Short%20Break&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1673127820&gjid=1235039176&cid=80869316.1580755918&tid=UA-91740-1&_gid=1673321732.1580755918&_r=1&gtm=2ou1m0&z=441879302

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:51:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v28/ Frame 58F7 0
0 24ms
7ms Document
text/html 2600:9000:214f:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v28/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v28/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
content-type: text/html
content-length: 583
last-modified: Mon, 06 Jan 2020 20:13:38 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Feb 2020 18:40:36 GMT
etag: "2382c3f01978a379e8fa8bc1a3bec605"
x-cache: Hit from cloudfront
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: B-a2Guepv7w9jjtmYClh8Vpm4xKIpsemfdMDo5I7P6eziEezoOJaag==
age: 1227

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 83ms
36ms Font
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 5738
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 55f6996aedb2ce4b-LHR
access-control-allow-origin: *
content-length: 65452

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v28/ 229 KB
61 KB 8ms
7ms Script
text/javascript 2600:9000:214f:a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:47:55 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 20:13:37 GMT
server: AmazonS3
age: 1114
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: auErGuW7FhiB6ivGARuFcDnA5aJfk0Qr5mLz9MI5ev9_NxWtgxoKSA==
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
472 B 480ms
115ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: f3c44f7e5e11084c0eca72906cc890b4202ac991c79bcbc3f31402d8b48cfcf1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:51:58 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
16 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f68a8a0dc71834a9a64f183b40161f5aac79db51614ccd49a2406a222bc68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "418 / 200 of 1000 / last-modified: 1580752542"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16144
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H/1.1 200
OK gallery.js Show response
freestar-io.videoplayerhub.com/ 92 KB
24 KB 180ms
44ms Script
application/javascript 143.204.214.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-2.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b2a0f1f28e439d402ee9cfc13203db8667a0c5dcfe53176268c0962f9ad82fe

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: 0hP8SMpyd5MlS6JgumuG_5Tka5wTbKi1
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 17:45:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Date: Mon, 03 Feb 2020 18:51:58 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: pjGSXPd3TgMhloPlq44Bsmeed7VgrRnJnotQAig_UJWBWR3eE8e7uA==

GET
H2 200 prebid-analytics-3.4.0.js Show response
a.pub.network/core/ 337 KB
103 KB 150ms
150ms Script
text/html 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9f4ce8e7af5088fb1f0c20f81143ec037d471f018cb3560548ba643aa85499

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: br
cf-cache-status: BYPASS
status: 200
x-guploader-uploadid: AEnB2UoQ4I9yNKhJOqQ4JG40TnqDC8ZqtciB5EzAfdIp2IFi0j6GuvWUbZPR4bpJwTs5xa46kNRsvzgVplPDStOmnyq3uAx4Xg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Jan 2020 16:40:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=HV5fWw==, md5=shrW9zmrRoSRzYuht8+68w==
content-type: text/html
x-goog-generation: 1580229624254087
cache-control: private
x-goog-stored-content-length: 345065
cf-ray: 55f6996b380496f2-FRA
expires: Tue, 02 Feb 2021 18:51:58 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 49 B
496 B 472ms
116ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 50bd812525c0b8bd3d27581e8a46a0f1d0281bcdfdaae770eb8e3e3677e7e5cd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:51:59 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 93 KB
17 KB 29ms
13ms XHR
application/json 2600:9000:214f:a800:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a800:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Thu, 30 Jan 2020 16:11:09 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 355250
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Jan 2020 16:00:30 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: _S6gJy.jMlUF8_y25uPP970yGsIjDDI2
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: Uua9mLox1HCb148Nlbpz-viLmPr7siiDFwnlPJ6ZUarCcQSUPUxuJw==

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 84ms
28ms Script
application/x-javascript 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:51:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: D4240DA2AA46DA12
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=32112
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: Fr7GkCibvNM2X1qKF6ZxSEYmqLUvxOjmKIPUt5OHHnaxUA9JpjKDPQYHIpQ1Y0JKoSZGAdm2N8k=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
855 B 145ms
144ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
etag: -1659864586--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=39, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 678

GET
H2 200 pls Show response
core.connatix.com/ Frame 47F8 6 KB
3 KB 322ms
109ms Script
text/plain 54.88.18.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.connatix.com/pls?callback=jQuery32106858919465954239_1580755918409&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&c_v=1882_1_0_0_0&page_guid=5c5b8929a26be617e8241580755918674&spp=1&_=1580755918410
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.18.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-18-195.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: ec9b07d5c356ecb069035639c098bb093a59449ca3a712a6cb337836e7d714c5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
server: nginx/1.15.9 (Ubuntu)
access-control-allow-origin: *

GET
H2 200 pubads_impl_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 127ms
43ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62184
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:51:58 GMT

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
595 B 243ms
155ms XHR
application/json 13.35.253.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-57.fra6.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:51:58 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 90a76dfa-5c33-4420-974f-1a09743e4bc2
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: HVXIVFvgIAMFWbA=
content-length: 50
access-control-allow-origin: https://www.bleepingcomputer.com
x-amzn-trace-id: Root=1-5e386bce-93a6f70c0e040534aa118f80;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: Gxy5sbQMD6Oeg_LcoCAtCurGWazbJKsUi3ZMcLtv0LdVDQhfU30-iw==

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 41ms
36ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 03 Feb 2020 18:51:58 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 196ms
73ms Script
application/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 59b3d33f2fd94ea19425841c32e2fbfdfb82f3a8d7afabff60fc62737e918ac0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:27:28 GMT
content-encoding: gzip
server: Server
age: 1470
etag: bdd7a7c8657eec84539eff429805b578
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: bXykLK4wUSoIpZHnnIvx3O_wLFMiC7ph746dTSJwfdexjrUQL5V04g==
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)

POST
H/1.1 200
OK cookie_sync Show response
prebid.pub.network/ 187 B
404 B 488ms
115ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/cookie_sync
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f26954e59757f573c709bcabe82328c10ea5f250fe6a48082eaea2e116bbb8f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 123
Expires: 0

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
433 B 547ms
173ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 609459a6a1f7293661ad7d407b5522fb2211ef2accf747503c29bcf4f9d2e7ef

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 152
Expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
483 B 671ms
584ms XHR
application/json 35.157.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.40.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:51:59 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
447 B 122ms
60ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f6996dabede5e8-LHR
access-control-allow-headers: origin, content-type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 132ms
70ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f6996dabefe5e8-LHR
access-control-allow-headers: origin, content-type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 728 B
1 KB 171ms
102ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

da4733da023951de3691cf82030db2cfc45dacb09f735567ad4b7fc0bf5f4e89

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9d94a0b6-de98-45c5-90a9-4503410bdfaf
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 153ms
69ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=53e49ec5a05bb8e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 160ms
77ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=5481c7e75818a38&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 174ms
91ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=5565d27c0116d8e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 149ms
66ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=560888c9d93a412&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 177ms
94ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=57d1808b79b4101&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 176ms
93ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=58376713dcde7b9&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 174ms
92ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=59bf2f4ab39142d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 177ms
95ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=60520731b49e59a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 176ms
94ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=6118c6c7ebdd94d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 173ms
91ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=62c5ed231e59e04&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 152ms
71ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=63c6da4037e394c&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 161ms
79ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=6416aef02b33255&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 126ms
44ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=65c684562de11c1&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 143ms
62ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=66b24510c4dfbdc&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 174ms
93ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=67fc2c6711da376&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 176ms
95ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=682df82ec722fc3&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 143ms
63ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=6982018ca7ab5b2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:51:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 320ms
189ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=ecf7750c-4570-431a-88a0-bb6f2d057f54&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6645245902057262
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 334333b4898686ffe1b613764c506f10d1d6c0e96f25972ef4e1471d4f73cf66

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=384
Content-Length: 6184
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 359ms
224ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=279bae4a-2022-497e-b3af-75cbdbeae35e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.016572633284407612
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: b120b96c3b7dc8f3c5535263f471b596012ffc565e1e9db36ff87dd81f20c9b4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=309
Content-Length: 6183
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 305ms
166ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=d38ea8f8-217a-4cb5-99ae-fc7adcf15188&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7341330152996834
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: b5793cdeaa96960277998a57b22428aa38bab7897877626efe8491ffafef954e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=303
Content-Length: 6151
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 287ms
148ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=da160e62-3590-4b11-bb54-e0926d2555dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5696199155008592
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 0c5889d72d723466b235c959a5cbe3ca215ce5ac630ddcc69194f7e6a812f164

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=387
Content-Length: 6183
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 512ms
224ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=51852c79-2b48-4b24-8354-901d85b20acc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.06491389625556954
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 161dfdf807ac9a78d58914e749ca5ce81c0753326f7df90970cef2c2b27f79ba

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=436
Content-Length: 6138
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
8 KB 485ms
180ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=b51a4ec4-7c02-4491-9a1a-06031890eb0e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5923256980864169
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 607925ab8d33c36088098c4a47782c520d1fbb59245c946a13b21a41e42403f8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=244
Content-Length: 6181
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 716 B
1 KB 129ms
61ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bf20ecb036b80d6a81fa50404450290977c41d5d5469efb0b1d5ce4b8bc10fab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.113:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c05ce4b8-a67a-4fad-8db7-987a981a0da2
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 7 KB
7 KB 211ms
150ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 61c53dd1cb4eca011e50099a396f2c295467567da20a0c2ba1bd785d8132a9e8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
date: Mon, 03 Feb 2020 18:51:59 GMT
content-type: application/json

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 288ms
210ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22987b1172c0bde95%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2299774734d3a2b83%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22100b7030776aa8ea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221019a1b82b4bfa23%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221028ffc2f45c9785%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22103c3f8c7ac3ec11%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210466973c5527e51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210527170904f140a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22106701e80633d2bf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210719bf789d6db4c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221082398e69472557%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22109f218ab907e51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211098a74c924ed2d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221111426a4fd32ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 21ea4c803a880cb155e7a41f4806c66ae13e47697604741ea9ae4629256965b5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 03 Feb 2020 18:51:59 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923

0
-1 B

1208ms
110ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923

0
-1 B

1212ms
114ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1429c9e7b4f57545;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923

0
-1 B

1203ms
105ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=144ef65dce0ad179;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 0
0

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923

0
-1 B

1203ms
106ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923

0
-1 B

1202ms
106ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=147dda570b13c986;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=148980a5a9743262;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=149ea1b295f68431;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923

0
-1 B

1206ms
110ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923

0
-1 B

1205ms
110ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET ADTECH;v=2;cmd=bid;cors=yes;alias=152913fe39fe2a4d;misc=1580755918923;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 532 B
723 B 40ms
14ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: c841942e68758e8657b77836d05dd53abca7af201209ae98df4ae3446ad06257

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:51:58 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 532
expires: 0

GET arj
freestar-d.openx.net/w/1.0/ 0
0

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/ 170 KB
36 KB 1170ms
53ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7b0f8b6aaaf95652ad550739ac8e7e97d59c8633412290547fb807487a81b73

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:52:00 GMT
Content-Encoding: gzip
Age: 1555
X-Cache: HIT
Connection: keep-alive
Content-Length: 35850
x-amz-id-2: qVFu8LWzbDm2Oa0eoxWtsVdqviX0OnzGRoPOUcjz+xDPaHjhDit2LKNSvpb2gCI7LnMCwzASnyk=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 03 Feb 2020 18:17:00 GMT
Server: AmazonS3
X-Timer: S1580755920.076653,VS0,VE0
ETag: "9973d77149b65fcc9efd172545d40a46"
x-amz-request-id: E8F6CA1D2E22B8B4
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 88

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 2 KB
2 KB 208ms
117ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 6be98913504e67a45275ad901ee77ce807e3feb3946ba25ecec7576702267cd9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:51:59 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8EF6 0
0 65ms
65ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1580577649&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580755918378&bpp=6&bdt=294&fdt=119&idt=119&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=197018818604&frm=20&pv=2&ga_vid=441282633.1580755919&ga_sid=1580755919&ga_hid=1313324114&ga_fc=0&iag=0&icsg=598134369558528&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=4310104344317423&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=630

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1580577649&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1580755918378&bpp=6&bdt=294&fdt=119&idt=119&shv=r20200131&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=197018818604&frm=20&pv=2&ga_vid=441282633.1580755919&ga_sid=1580755919&ga_hid=1313324114&ga_fc=0&iag=0&icsg=598134369558528&dssz=50&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=4310104344317423&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=630
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 03 Feb 2020 18:51:59 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-Feb-2020 19:06:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Mon, 03 Feb 2020 18:51:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200131/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:51:59 GMT

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 91 B
293 B 418ms
103ms Script
text/plain 52.45.66.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=414C33DE-F293-46CF-ABF8-135274D262E2&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&c_ivt=0&connatix_sess=LsQnVzyTYZdmv708EzaIXlnr4OWwm0vE_nl5D0POR2PgbOte6iDU4pMLbHel09vyFDJdWQiZKo0ieIWsKKvDQT_YlCFu5IZhvh8dUnDNVnUj8G8NC4zgKMZlRqIPHfBF5c4Byyc-Z_Ode3Fo5yreaeUjP8itdU2ocZgWZ_PlI1KdMlsos-fOBU_125LKN0gl&notServed=false&xplr=false&c_s=false&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&c_v=1882_1_0_0_0&spp=1&callback=cnxJSONP_be6adfcf10ccbd5bbda71580755919049
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.66.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-66-51.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 83629ee4253b5e8e53b5633fe03e7a421bb9ec5a6e38fc0f18fe9c4c197a1ab8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 105

GET
H2 200 381.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 76 KB
76 KB 49ms
47ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/381.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dfe59cdcc0dc18e5dbae92ed9508bb5b57d6944dbdb25e3e0c256491cc450c49

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 62562
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 2, 22
accept-ranges: bytes
x-timer: S1580755919.067095,VS0,VE0
access-control-allow-origin: *
content-length: 77565
x-served-by: cache-sjc10047-SJC, cache-hhn4074-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/c82f45a4-5105-45d1-aee9-d91e1ab1d1ea/ 97 KB
97 KB 43ms
42ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/c82f45a4-5105-45d1-aee9-d91e1ab1d1ea/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c49b60c1e4b12c26a8ca26a4f921c751101effb434e42fdb5e585cf591b88e01

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 62563
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1580755919.066868,VS0,VE0
access-control-allow-origin: *
content-length: 98845
x-served-by: cache-sjc10028-SJC, cache-hhn4074-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/6545a11b-d91f-4400-b5df-a44eb9d85100/ 20 KB
20 KB 43ms
42ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/6545a11b-d91f-4400-b5df-a44eb9d85100/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4975d58a5aed094680122b519c44c892c91ae9d9b0e33cd2b7b777fff6f9b806

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 62562
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 2, 2
accept-ranges: bytes
x-timer: S1580755919.067110,VS0,VE0
access-control-allow-origin: *
content-length: 20277
x-served-by: cache-sjc10035-SJC, cache-hhn4074-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/fbe9d20d-d894-4578-9b13-d12a38b3d21d/ 25 KB
25 KB 59ms
58ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/fbe9d20d-d894-4578-9b13-d12a38b3d21d/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35a41ffc650013a5d32ac841b8be273b7a85a38681119143f3009b0104768b53

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 149195
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1580755919.068047,VS0,VE0
access-control-allow-origin: *
content-length: 25535
x-served-by: cache-sjc10042-SJC, cache-hhn4074-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/fe18d32f-6dfc-414e-92a5-7c7a5522643e/ 61 KB
61 KB 43ms
42ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/fe18d32f-6dfc-414e-92a5-7c7a5522643e/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b9639929d5fe08539490bbe05b2e2d348c6924b1329d48b26dddfbb8a678fde

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 149195
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1580755919.067110,VS0,VE0
access-control-allow-origin: *
content-length: 62586
x-served-by: cache-sjc10021-SJC, cache-hhn4074-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/101f649a-2f67-4bad-bf5c-dbd77f479758/ 52 KB
52 KB 65ms
64ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/101f649a-2f67-4bad-bf5c-dbd77f479758/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2b3b8e710bb657c06e9d5c969939dae7a40371f5d3210c6390e5161bfea44b6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 235823
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1580755919.068065,VS0,VE0
access-control-allow-origin: *
content-length: 53244
x-served-by: cache-sjc10040-SJC, cache-hhn4074-HHN

GET
H2 200 bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 7 KB
7 KB 31ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
cf-cache-status: HIT
age: 1015342
cf-polished: origFmt=png, origSize=15281
status: 200
content-disposition: inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj: imgq:85
content-length: 7156
last-modified: Wed, 07 Jan 2015 22:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 55f6996e2b4ee688-LHR
expires: Sat, 22 Feb 2020 00:49:37 GMT

GET
H2 200 0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 47F8 23 KB
23 KB 38ms
38ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 13806137
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1580755919.116286,VS0,VE0
access-control-allow-origin: *
content-length: 23507
x-served-by: cache-sjc3139-SJC, cache-hhn4074-HHN

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
986 B 131ms
40ms Script
application/x-javascript 13.35.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-87.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 1858
date: Mon, 03 Feb 2020 18:21:13 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ozHbSafK3x_PQ-mLukGgkSVoFmcFaykhb78u1ejkS52Sjj4EAv4xrw==
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 914ms
227ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2439e13f23fd3513bb4ef8d4b8886d7169c35d8f77764857c6ffa4476f36b6f5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H/1.1 200
OK r
trk.connatix.com/ Frame 47F8 0
162 B 394ms
97ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/r?connatix_sess=LsQnVzyTYZdmv708EzaIXlnr4OWwm0vE_nl5D0POR2PgbOte6iDU4pMLbHel09vyFDJdWQiZKo0ieIWsKKvDQT_YlCFu5IZhvh8dUnDNVnUj8G8NC4zgKMZlRqIPHfBF5c4Byyc-Z_Ode3Fo5yreaeUjP8itdU2ocZgWZ_PlI1KdMlsos-fOBU_125LKN0gl&videoID=639404&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&c_v=1882_1_0_0_0&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:51:59 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
377 B 75ms
75ms XHR
text/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&pid=E2u7FRqzotUPW&cb=0&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: w5XcpJH9R8auwWbP-fO5rFIeLoygM-2p-LVmRQYGoVsbj9c-JObI6w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 214ms
133ms XHR
application/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:00 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 04:09:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
status: 200
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: public, max-age=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9cVtWjJBWUII4jxYdLN7N2Tdvn_cbFJ_smm4LE_FcsqG6znA8db--g==
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 378ms
44ms XHR
text/html 143.204.214.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1580755919209;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F;;;;;p,off,false,,1,en,28,186,true,false,false;displayConsentUi:mandatory,
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 12:13:47 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
vary: Origin
age: 23893
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: Zz_kJ7tJAHMrnVN6SGZCngrpmjWqEezqwEUKwsy_KNvIQfsVe3KGEA==

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 95 B
359 B 479ms
166ms Script
text/javascript 52.1.207.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1580755919527&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%2241c533b9-46b6-11ea-910d-68e2e87d242f%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&csVersion=1.21.31&clearThroughOptions=undefined

Requested by

Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.207.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-207-152.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

e2e25d3b5d2ed72689112be4f7a566a7d2dbffc28c509d4bfdb81605afbff6cd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:51:59 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5f-X0dB4wJIWzOx5ea1UEe0iaku4jg"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 87

GET
H2 200 px.gif
ad-delivery.net/ 43 B
385 B 39ms
39ms Image
image/gif 13.35.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.1310884158803396
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-87.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 73750
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Mon, 03 Feb 2020 11:59:19 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 3lNT6PFUE10BqcGnKfjolwGv6qjkQQGznm4kyGRCbdvn-RRlxtTJoQ==

GET
H2 200 48.008759e9efe1c1b693dd.js Show response
s7.addthis.com/static/ 281 B
486 B 46ms
46ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-119"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 03 Feb 2020 18:51:59 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 246

GET
H2 200 / Show response
graph.facebook.com/ 309 B
418 B 65ms
53ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_ehmw0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb330af7727353ce81576a3b251445f2aacca1fa9d3fc2a581993addac0a2259

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Mon, 03 Feb 2020 18:51:59 GMT, Mon, 03 Feb 2020 18:51:59 GMT
x-fb-rev: 1001668132
alt-svc: h3-24=":443"; ma=3600
content-length: 215
pragma: no-cache
x-fb-debug: l7gbnrkIt6kX5yl/lyAzC/5xl0U8hCb346kHj28vAEEMRNkbX6nxGx+jYqjpOMOqmcYbkm5TQVhrgVthJu6yKw==
x-fb-trace-id: Gmp2zoM6kEI
etag: "00a45165f8e996a93922105b4562d3860f831dcb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ALKNRTXSfHV4tZgotaScVOv
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
699 B 241ms
165ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&jsonp=_ate.cbs.rcb_1cz90

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

7b7913bb1cd795008d5d324c61cb3cd49e473919c52ffa8c575cf445559c70e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4061-HHN
x-moose: majestic
server: snooserv
x-timer: S1580755920.784430,VS0,VE129
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 / Show response
graph.facebook.com/ 149 B
605 B 54ms
42ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_9gd30

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67780bbf59e0d2c0aeb5bd001c65026fcfdb4f9c603ab4179f55bead75d36219

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Mon, 03 Feb 2020 18:51:59 GMT, Mon, 03 Feb 2020 18:51:59 GMT
x-fb-rev: 1001668132
alt-svc: h3-24=":443"; ma=3600
content-length: 149
pragma: no-cache
x-fb-debug: NEWdCnzWQU8jJRKAk3kKpAoljj+KKZvpakDLEzSi/2KD99BxtwyWngoG1tC2LeXy/5eoagIUnIuSdNS205WT+Q==
x-fb-trace-id: BMgSAHH7N9o
etag: "f88ce99a8c0a1d071736d2763a220a203a57900f"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AORPJr3A6V8X1Nmx8YIlyxb
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
259 B 257ms
181ms Script
application/javascript 151.101.113.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&jsonp=_ate.cbs.rcb_5qoy0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

3ad93ac2156560b8da0dd71e9817a8f4bc29f1c9eb50598f8aa9dd9f7d0b238e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:51:59 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4061-HHN
x-moose: majestic
server: snooserv
x-timer: S1580755920.784439,VS0,VE144
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 71C4 421 KB
94 KB 105ms
38ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:00 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755920.dop101.lo4.t,1580755920.cds250.lo4.hn,1580755920.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902504
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
20 KB 1712ms
1711ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4310104344317423&correlator=2728725232100946&output=ldjh&impl=fifs&adsid=NT&eid=21065399%2C21065304&vrg=2020012701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200203&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D156b1d44e673e2b6%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D15738d17f579ce0c%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.00%26hb_adid%3D15522cb08f70a41d%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D154f9ce169c10894%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_728x90%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D159059145e569233%26hb_bidder%3Drubicon%7C%7Camznbid%3D2%26amznp%3D2%26freestar_path%3D%252Fnews%252Fsecurity%252Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%252F%26freestar_domain%3Dbleepingcomputer.com%26fs_safeframe%3Dfalse%26custom_bidder_size%3Drubicon_300x250%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_adid%3D158cff4d08de34a6%26hb_bidder%3Drubicon&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1580577649&dt=1580755920119&dlt=1580755918083&idt=793&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C6532%2C327%2C1136%2C4824%2C7038%2C1661&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&dssz=57&icsg=2392537478209536&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x7039%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&ga_vid=441282633.1580755919&ga_sid=1580755919&ga_hid=1313324114&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

1baa095d22bb56595d01129827366f2e5024528610788a5ebc46610a082c7e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19878
x-xss-protection: 0
google-lineitem-id: -1,-2,-1,-2,-2,4893662829,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1,-2,-2,138254592126,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020012701.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 51ms
51ms Script
text/javascript 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020012701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

sffe /

Resource Hash

42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jan 2020 14:06:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24916
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 0
0

GET ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 0
0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202001101133/ 86 KB
30 KB 48ms
48ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:52:00 GMT
Content-Encoding: gzip
Age: 474
X-Cache: HIT
Connection: keep-alive
Content-Length: 30065
x-amz-id-2: FZM0E915ekBIygNZ3cRIS1mabMFfs5N6V5yiSbYUYLio7BweKBS8jebE2h8jYR9zNhFrqItWDFI=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 13 Jan 2020 19:57:14 GMT
Server: AmazonS3
X-Timer: S1580755920.177672,VS0,VE0
ETag: "62e50166bfcd03e9d6305899d1bf1737"
x-amz-request-id: 7D820617F51D8FB3
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 60627

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202001101133/ 33 KB
12 KB 106ms
44ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202001101133/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 18:52:00 GMT
Content-Encoding: gzip
Age: 620
X-Cache: HIT
Connection: keep-alive
Content-Length: 12169
x-amz-id-2: jI46x00XqvfSCJVfGjfPs1YzNeGfxg1+r0wXEUI81sw3IhS3HsHHVxKMk+7TNwABtwy3IATlt2M=
X-Served-By: cache-hhn4054-HHN
Last-Modified: Mon, 13 Jan 2020 19:57:17 GMT
Server: AmazonS3
X-Timer: S1580755920.236277,VS0,VE0
ETag: "aecd520c5565494b99212f397ace223e"
x-amz-request-id: 85DA62ABA4843CAA
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1656

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 71C4 29 KB
8 KB 66ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250503
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 71C4 160 B
1017 B 42ms
42ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b46f9c8e9542caa684ec5f787ef01f0cc4c72f74982086f232806dc441df8dec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.186:80
AN-X-Request-Uuid: c001842c-b806-4fac-9d61-0fbe3e44c2e9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 71C4 150 B
340 B 13ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 558b994b4af9055eb6d223ed1d01853829ab2169b609712aa6ef704b7a91385b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:00 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 71C4 160 B
1016 B 43ms
43ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

320b1a38eea4864d8c45ef5c7131117abeaa6b38068396aef46d73ad06c5f641

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid: 51fd32fc-d399-4c7d-95fd-ecacc4cfc3ee
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 71C4 44 B
667 B 166ms
80ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%226bc2edf5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=6bc2edf5-66f1-442b-8f57-69baedf0977f&pv=6bc2edf5-66f1-442b-8f57-69baedf0977f&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

84d3411b4fceaf9a92e5aceac6294b8ec69de0eda996d2205972479e05f4c677

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:00 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 71C4 20 B
320 B 199ms
101ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=6bc2edf5-66f1-442b-8f57-69baedf0977f-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:00 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 499ms
135ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: a0832629b6a7b8575094f627b424367a8a6d543ec8e54062877ea4eca4d6cc07

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:01 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 71C4 0
217 B 129ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=6bc2edf5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 663ms
662ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c0abda667946d8920234d82d73a1463d092ad7f373c2c6a0c052a34b53805ea6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:01 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8276 421 KB
94 KB 24ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755921.dop101.lo4.t,1580755921.cds250.lo4.hn,1580755921.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902503
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8276 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250504
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8276 160 B
1017 B 40ms
40ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

df9780134a7c0e3a1c50f835c1fe0ae93445f83441208017dfe8ef15d1334d32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 4eed7478-849f-4994-8206-a5ac0a3e5568
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8276 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 517cb906fbcc0e68c946dd2cd570a2ff937490847bf12abe240480e5c77aafe0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8276 160 B
1016 B 38ms
38ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a03cc419fc0c4e4dd94a63522e8825b9a0b7fa9d2afb05c6c4db1fe7876abbef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.10:80
AN-X-Request-Uuid: 3c734b06-68d5-4bf6-a206-2d76c64e30f9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8276 44 B
667 B 186ms
186ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2254e18fd5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=54e18fd5-2020-4c3e-91ec-d2233eebaf7a&pv=54e18fd5-2020-4c3e-91ec-d2233eebaf7a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

afbbe3f3ce8f16e852a4db7ad4fcd7292c2e3b4010c0b3b1a35b30821cee24f5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:01 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8276 20 B
320 B 104ms
103ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=54e18fd5-2020-4c3e-91ec-d2233eebaf7a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:01 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8276 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=54e18fd5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 455ms
455ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd21a86e65073eaf7dd05e4c2b9d4de60ce437ba37be3e6eae069708ddcfbc9f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 921

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 4441
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7150
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 17:38:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e98551560828916"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 17:38:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame E499 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8364
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:32:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:32:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame E499 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267596
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame E499 91 KB
27 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8453
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:31:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:31:08 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame E499 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 244823
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 22:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 22:51:38 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame E499 46 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267561
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:40 GMT

GET
DATA 200
OK truncated
/ Frame E499 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89d534f9486fafac94e81933b4c52516cdf309377796e5d782a5f721627df669

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 83ms
83ms XHR
text/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&pid=eqeAz1nOOt0UU&cb=1&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5xN40WzrWEvqh2AeiIuCe9rNTHtOsLar4HSUEnAVsS7VQY1iNfiQaQ==

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
433 B 206ms
206ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 02fab07d57d6ec2279b0a21239e593fe65915ce90c377687cea6cd750fea588d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 152
Expires: 0

GET
H2

302

ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1...

0
-1 B

97ms
96ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=15...

0
-1 B

104ms
104ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873;
https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1...

0
-1 B

102ms
102ms

XHR

152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 47ms
47ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3658dc6aa6744d7a5eb57cfcee99a2a26e1887303c27676068f756f8cb87b767

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid: f4f58b5f-a9bf-4b8f-a2a6-94b9488c7a04
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: c3488b9ee77c39ded916162bd3095b1ec0b8c17ee1b183f98aceb06f31094b03

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:01 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
1 KB 178ms
178ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%22173d6e7ce74de0b2%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22174f9adc531a2c1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22175756576b45ed4d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22176d986eeaa9c36a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7c08b9ee757a1b402b9253021a240ec6b4ec960b048e1c905c31beef75788891

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Mon, 03 Feb 2020 18:52:02 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
167 B 77ms
76ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f6997fcb02e5e8-LHR
access-control-allow-headers: origin, content-type

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 175 B
576 B 138ms
138ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=c8ca64c3-badd-465a-83a4-9abb19c33b84&nocache=1580755921876&pubcid=2ce327aa-473a-4d61-8de8-f7d4a9a8b998&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_BTF&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 80c3b3e1fefd8a07231a7c231828c0c52b8a3b86dca55960382a6d3cb4a44fc3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 7 KB
7 KB 133ms
133ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 40c366f285e6feedf078b699c41730a4f0de3e711e0cc1813daad214f931616c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
x-openrtb-version: 2.3
access-control-allow-credentials: true
date: Mon, 03 Feb 2020 18:52:02 GMT
content-type: application/json

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 52ms
52ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=18649792ac81e1f8&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 73ms
72ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=wDH8n844o8J5LF7qDwHQ7sj5&bidId=18706dc6479be60d&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 88ms
88ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&bidId=18839ee82ec97d71&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 73ms
73ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7e38f36581797057d1a944a6ea4149da11d4844bfd7926f6cd31ec08237ba5bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.166:80
AN-X-Request-Uuid: c11bef8f-96c6-4b87-a200-c7b7d45f7b61
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
7 KB 156ms
156ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=c8ca64c3-badd-465a-83a4-9abb19c33b84&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1517013305703785
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 3ea8fb76a5d21b8addc8b32b5521a9dde1949c365171c75dffa467c0ecaefe87

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:01 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=138
Content-Length: 6182
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 145ms
145ms XHR
application/json 35.157.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.40.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 16033843172008718920
tpc.googlesyndication.com/simgad/ Frame E499 31 KB
31 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16033843172008718920?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmHvWWx4h7jRhPvXpVNHOrydM0oFA

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21033f49bea1bc18c71d1b314387b3ae04b0d2ecb2613c93342cc2a9b662d255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 00:03:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 May 2019 16:22:06 GMT
server: sffe
age: 240514
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 31796
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:03:27 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E499 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69499
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E499 295 B
418 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75520
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E499 0
0 49ms
49ms Image
text/html 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNGdR0Gs4Xs2SD-SP7_UP5LydkAzApu2qVe-Lge_8CsCNtwEQASDa18U5YLuGgIDQCqABuurNuQPIAQLgAgCoAwHIAwiqBLMCT9ANmVH4PgZRmaWhGQ9pb62yeL5Y_gViWPdUFURwB52CKVMcX3n6zp6BGn8Z5M5zRrQ4yKOKAEaqf5TmtF5uuiP-YktaXhP7Z7lMq9ZHjwt2onmdSopaVj-nuLA7O4nMiIepTYrMjEooMKydqvHWwaraPS88EFkVs6y5j0NnyHQGdiuRnPKAhqUvEqP9w9XTLCpzSUaN7S_MOo3GzANZ9y0lbg1nibl4EEz1cQCKogXi3j9r_14xZBNcdEAI4RA6RIASNZWrWmu8-92xS2X_8UeU0CL6b2s8B1qMK67DAyFlUj911HeiSHPuVIJUq4Py9bmx4zJBIXtEf3tuo1sy5ZodACvZcMG9qQj-MOw7lVPkIpuulHhV4dvbSqcZWOHYWCBKO2wJBzXucTzUtdk0lQFDXMAEka6ChIIC4AQBkgUECAQYAZIFBAgFGASgBgKAB66VskaoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEMXuKtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDA&sigh=zFwnv3Ctzfw&tpd=AGWhJmu2UgpEeAZt9gTYXIif-Srmbjpsy5sOHIDEaovWO4Sk5Q
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s24-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 0C45 200 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8364
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:32:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:32:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 0C45 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267596
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 0C45 91 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8453
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:31:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:31:08 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 0C45 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 244823
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 22:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 22:51:38 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 0C45 46 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267561
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C45 5 KB
685 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 18:52:01 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 18:52:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0C45 5 KB
639 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 18:52:01 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 18:52:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:01 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C45 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69499
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C45 295 B
355 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75520
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 0C45 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba445e0c7cc23519a04832326ff212421d62129a512c9cbc4793f6126743ed25

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C9E 0
0 50ms
50ms Fetch
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlhXBrBiRyyElygq_EHotuy0kxln2k7aIV5aq4D01aoMBPcz5eKuu0di9oKwac8imSNSrtbMT9SKtfgOSsvjyI2UdQwEwKoOQn4inXnyzKN5udIymK4_I7A7OjChDHV-olG8LOUzBPD4lLFdJfB0yNs-CsvU94wmkcNweUP6tDHGlyIz7x39cxdNi9pf6cTKDMVFTRjh1hGABajA47igX2CiJr9o1oTt0xpFr5aa3JiWgsy6839XtX2QDHuP4uN9X7SQfW0DIzHPMBxXREjT1cpGoKlDYPgEM8&sig=Cg0ArKJSzCwBjZnKUZbSEAE&urlfix=1&adurl=

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Feb 2020 18:52:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C9E 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580473671631125"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27723
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:01 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001251659540/ Frame 5713 200 KB
55 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8364
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55740
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:32:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c5733c238bea88"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:32:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 5713 15 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267596
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb81b23fc83ce453"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:05 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 5713 91 KB
27 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8453
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28005
x-xss-protection: 0
server: sffe
date: Mon, 03 Feb 2020 16:31:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72f52e45b57a11ad"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Feb 2021 16:31:08 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 5713 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 244823
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 22:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5821fa2b275b35ee"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 22:51:38 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 5713 46 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001251659540/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 267561
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Fri, 31 Jan 2020 16:32:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "95a2cb227bce10b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jan 2021 16:32:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5713 5 KB
639 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 18:52:01 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 18:52:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5713 5 KB
639 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Feb 2020 18:52:01 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Feb 2020 18:52:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Feb 2020 18:52:01 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5713 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69499
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5713 295 B
355 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202001101133/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75520
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 5713 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae5bb9457cd46a1c06e6a3d23839eb97a533b8edbf3f913a12c9cb5c0073792d

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 75ms
75ms XHR
text/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&pid=QJj0nEMr4WkZX&cb=2&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: QjxEAv7FmrbnjVunnD7sJFf3MccHDxKjUdeF0rdn1nVpBe4pY0vWdg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
376 B 75ms
71ms XHR
text/javascript 143.204.213.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&pid=UTwLpijSp9qIq&cb=3&ws=1600x1200&v=7.46.00&t=1000&slots=%5B%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdpre=1&gdprc=null&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.213.153 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-153.fra53.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:01 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: QoZcDlO6DbVScZVIaasNCUgeFs0AhrLY8s7_4dCmOFiFWN2dLFu3wg==

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2225613035339725144/ Frame 0C45 8 KB
8 KB 28ms
27ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2225613035339725144/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qmYL52MHSGOooQmoPq9f4bJbh8U0A

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6614eac161305e6201210710c158426c3b2ea6a4ef2c7da7fde5d236d10d0639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 03:53:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2019 17:26:36 GMT
server: sffe
age: 313108
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7783
x-xss-protection: 0
expires: Sat, 30 Jan 2021 03:53:33 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13256797330833292739/ Frame 0C45 8 KB
8 KB 26ms
23ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13256797330833292739/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qmAyS_2N6i6WVRJrhVZWLJKSmNoHw

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623ba67fdee04abb38857d8cb22124da662ae2d95d1ce5033a4df0ddcd444031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 14:26:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 17:36:44 GMT
server: sffe
age: 1052742
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8473
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:26:19 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C45 0
0 45ms
43ms Image
text/html 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-MOe0Gs4Xs-SD-SP7_UP5LydkAzx6IK-W7_OqNq5CsGhj5UBEAEg2tfFOWC7hoCA0AqgAY-Us5cDyAEG4AIAqAMByAMKqgS7Ak_QMBcUugDNjI-vb9tWpqJO4J_f6X31-QkF5L0i4XxpWOXoV3QFL3FK1NwabJr2pVI_Da_ofs9KhPE3p2th8oEaig0MO5qJsUsVGtsF82iRvAed-pk-CxLI1cy5EiUTd57LPixVgQTJUN9HUf01NHKj7Dz7prPEMcFf3YuYAGow0DyuGb7rZOC1dzPWnXd8jUBBHa9A1Slmy5PCbvaQL374fPNd8hnuXViwfcbfqRAaJwvy1U7XzRiENYgIn9UCUV_Euxv_6AaPxivXAYdb-znchDS21n3bmcVb65lspIIG6ihkXrgWxJStPYSktoCrjeZUNbPi2TZI-oArGM53ahd5iH0Lg6l2Aj1iNTbM1voiGvakFEddMh_JUUUT84I5LslBt6PadCLfBYKNzXgrBESiUv_FLuo7aTp0r8AEzf-SxaYC4AQBkgUECAQYAZIFBAgFGASgBjeAB9nrzGioB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEENCyGdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDIgUBQ&sigh=HaDJ9lfWwdQ&template_id=492&tpd=AGWhJms4sLKnHGhXtv7naPsvDnBqmbyiGQ2sIaWXFMAnrL_kxw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s24-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0C45 0
0 26ms
24ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_YbTKDMvw5nYuzvkctqQk_51oH44yZ7NIGYhZIWgp3CVEpVulNdsxJdhYjnOIoXJKenUsx5DO0Y963SAb956AdqsM3w
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2530596957992239685/ Frame 5713 6 KB
6 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2530596957992239685/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqwIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qnZeT9gUjio-m8DSaDf295LfTH3tg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ab81e1f90cf76c54d5f1e2f7ad0c9fd5216728cbe10739636b9e5d010ac4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 04:17:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 May 2019 14:57:34 GMT
server: sffe
age: 225247
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5829
x-xss-protection: 0
expires: Sun, 31 Jan 2021 04:17:54 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15398055848020393131/ Frame 5713 26 KB
26 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15398055848020393131/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qli1gUPUJHmeqDnoUrwMM9kOZAx3A

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f02fd5b7a6baae27068d88b70d5ac6d7e3e43a926ceed4caa78eb27f2bf1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 29 Jan 2020 21:51:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Apr 2019 16:05:15 GMT
server: sffe
age: 421231
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 26868
x-xss-protection: 0
expires: Thu, 28 Jan 2021 21:51:30 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5713 0
0 46ms
44ms Image
text/html 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXacT0Gs4XtKSD-SP7_UP5LydkAzllNCxV-DtirjRCb_hHhABINrXxTlgu4aAgNAKoAHL4uKEA8gBBuACAKgDAcgDCqoExgJP0N4pJo_AxiS4jm-WSsy2DZnA7n9VyApGMVZyK5Qu7rwxBlIRyR4NzZfA33QTOxd1k0xxPEVwL4RIACvyCgovfkKb9zkAiWISu1_aCTOThU3dTyhT-0Sv4QiqztuZ8tArxYafoFGPqRAfkceaMLzB1a__jPtmnvWhTWROr6ksgg9DlfRjjKtVPUovIlUBG4sw-GakIbU3bz-UOCpw5RZOERJ7_QfT82N01mpW0Pm8Z5qJh6WHpmKjuiQFlcfmaa_hRtSoxq9uftNe3HHJTRS_vUIulbVk-Lev68aYs7njs--XaQAl4AickMT3Ml26SQ74eNOjv3wDUNZqRuwRcoixjAnCT4_uO3SMw8oOieOEoUADh8TKxaLTVCeC7L_O3Gb-chjSEFMEGyYUljuEI0Y1hrTwB6-cergtgPEByD2agGyRtHERfMAE8N_O1pIC4AQBkgUECAQYAZIFBAgFGASgBjeAB52dnXuoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPDsFdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA8gLAdgTDIgUBA&sigh=mB-7xpFfkds&template_id=492&tpd=AGWhJmvh7C32iU21vKN0B4RtrRzuXyYH9x-SRR7MxKdQp_yT3A
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s24-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0C45 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 198989
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0C45 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 17 Jan 2020 17:18:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1474386
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:18:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5713 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 198989
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Sun, 31 Jan 2021 11:35:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5713 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Fri, 17 Jan 2020 17:18:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1474386
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 16 Jan 2021 17:18:55 GMT

GET
H2 200 ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ 945 B
1 KB 168ms
167ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;apid=1A4388e718-46b6-11ea-a2d6-121e68b36cc0;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=198d2a120160957c;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: faaebdb790be8e217260b9d5a97292ab3d978a858eb9293c3de66925395d220c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 945 B
1 KB 231ms
231ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;apid=1A4389bfb2-46b6-11ea-9d15-1273d078354a;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=200e9621e156688a;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: fe618af6796c4ac1aeb2dc0cfa21dc68aab0cfb9143521158b4cc4c43a1dab4d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ 944 B
1 KB 187ms
186ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;apid=1A4389b5b2-46b6-11ea-a4e4-12dc2d808526;cfp=1;rndc=1580755921;v=2;cmd=bid;cors=yes;alias=19931700bb7f07f;misc=1580755921873
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8395babebf84b3112402c2c9d0956ef4c10cfaeb53909fbbb0dc53fdf3956ec2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E499
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Feb 2020 18:52:02 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C45
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
38ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Feb 2020 18:52:02 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 97ms
97ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:404,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:720,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=c84d1b23467e1ba478ef1580755922080&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:02 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5713
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

date: Mon, 03 Feb 2020 18:52:02 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 119ms
119ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: a0832629b6a7b8575094f627b424367a8a6d543ec8e54062877ea4eca4d6cc07

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:02 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 16033843172008718920
tpc.googlesyndication.com/simgad/ Frame E499 31 KB
31 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16033843172008718920?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmHvWWx4h7jRhPvXpVNHOrydM0oFA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21033f49bea1bc18c71d1b314387b3ae04b0d2ecb2613c93342cc2a9b662d255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 00:03:27 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 May 2019 16:22:06 GMT
server: sffe
age: 240515
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 31796
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:03:27 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E499 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69500
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E499 295 B
363 B 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75521
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2225613035339725144/ Frame 0C45 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6614eac161305e6201210710c158426c3b2ea6a4ef2c7da7fde5d236d10d0639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 03:53:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2019 17:26:36 GMT
server: sffe
age: 313109
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7783
x-xss-protection: 0
expires: Sat, 30 Jan 2021 03:53:33 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13256797330833292739/ Frame 0C45 8 KB
8 KB 8ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623ba67fdee04abb38857d8cb22124da662ae2d95d1ce5033a4df0ddcd444031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 14:26:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 17:36:44 GMT
server: sffe
age: 1052743
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8473
x-xss-protection: 0
expires: Thu, 21 Jan 2021 14:26:19 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C45 2 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69500
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C45 295 B
359 B 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75521
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2530596957992239685/ Frame 5713 6 KB
6 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ab81e1f90cf76c54d5f1e2f7ad0c9fd5216728cbe10739636b9e5d010ac4c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 04:17:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 May 2019 14:57:34 GMT
server: sffe
age: 225248
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5829
x-xss-protection: 0
expires: Sun, 31 Jan 2021 04:17:54 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15398055848020393131/ Frame 5713 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f02fd5b7a6baae27068d88b70d5ac6d7e3e43a926ceed4caa78eb27f2bf1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 29 Jan 2020 21:51:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Apr 2019 16:05:15 GMT
server: sffe
age: 421232
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 26868
x-xss-protection: 0
expires: Thu, 28 Jan 2021 21:51:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5713 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 69500
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 03 Feb 2020 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5713 295 B
360 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 02 Feb 2020 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 75521
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 03 Feb 2020 21:53:21 GMT

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
434 B 175ms
175ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: ae059e4888c177d0e9fb349e04cd04ea35213f89a900017dce7b803f3a8ee133

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 153
Expires: 0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4d0901164e54448c22125651889d7b5d372f9d503bfda07be57f320a2ca034c7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
7 KB 192ms
191ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=f0afa97f-482f-4da0-a841-d2f573be631b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8037490570599739
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 1fc93ea0dd05beefd35a6a067c43f101a0734f4533d1e753680dcd886d7f5774

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=453
Content-Length: 6199
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
996 B 213ms
212ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%222108764a63815559%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2221188f3122d60344%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22212341dde7714db1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf7816fd5067d7a596b0dd17cd7b101259812ebfa889ac62e8024ccb859a4a75

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Mon, 03 Feb 2020 18:52:02 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 154ms
154ms XHR
application/json 35.157.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.40.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 138ms
138ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 67ms
66ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DSthphoQqH66AkQXPDoXn74b&bidId=222ccb9850c8c26e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 80ms
79ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Y2PwNBba8FyKXESSc72DFF25&bidId=22345ffa267d44a7&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 83ms
82ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&bidId=22444b5179be6e88&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=266e3e7a88a7c125;misc=1580755922185; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ 945 B
1 KB 179ms
179ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=266e3e7a88a7c125;misc=1580755922185;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 3478cc707352a2827330f9a2d87ec2b5257679f647db9763345370221ed0e9c5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=2677e9f9773caa5b;misc=1580755922185; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ 945 B
1 KB 176ms
176ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2677e9f9773caa5b;misc=1580755922185;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 3993b8c159e31d863bd06e1de86077566c28cb69f557d511be799ea6478ccea5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
995 B 39ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ae34f9ad856970d9e03522c69aadd3742b9495827dfd739869708c7136ad8d9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.44:80
AN-X-Request-Uuid: 83392386-31e3-447f-bf99-bcf1df3cf0a0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 54ms
54ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1b81e6df83ca73575d26841a844aca1a5dee46406302a1fdfb4d974a2645c292

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.228:80
AN-X-Request-Uuid: 052a8ded-b537-4d14-bbad-22cdc30e1dc0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
167 B 44ms
44ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f69981b916e5e8-LHR
access-control-allow-headers: origin, content-type

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 174 B
371 B 123ms
123ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=f0afa97f-482f-4da0-a841-d2f573be631b&nocache=1580755922187&pubcid=2ce327aa-473a-4d61-8de8-f7d4a9a8b998&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=300x250%2C300x600&divIds=bleepingcomputer_300x250_300x600_160x600_Right_2&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 91f6b63dd0e322460991a767fbef9db1b62c829b7e80eb1debf4a88cc7029efb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 357 B
251 B 329ms
329ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

26274967a7d17242cbc651021ff1318b540fc69a424ec01f25ba1d534a6b79b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK auction Show response
prebid.pub.network/openrtb2/ 147 B
434 B 187ms
187ms XHR
application/json 35.226.134.247
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pub.network/openrtb2/auction
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.226.134.247 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 247.134.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 113769b67c35dd097357b1847eca10cf60a05bb0c6323e9915ce0f4199bcf3af

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
Content-Type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 153
Expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
482 B 152ms
151ms XHR
application/json 35.157.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.4.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tmax=1200

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.40.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=2683c68d31eaceb8;misc=1580755922256; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ 943 B
1 KB 426ms
426ms XHR
application/json 152.199.21.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2683c68d31eaceb8;misc=1580755922256;
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.89 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: fa0d5dafe7943170020463f14a29668b511dcd7f8e0fbeff7a88f8a8712f43f1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 943
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 60ms
60ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

74025a1fcfa46df65e852f34732278be580a3162743e6923d7c1f9c5e73343a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid: 4e153bbd-07c7-4519-974a-6c37094ac759
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
66 B 140ms
140ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 53ms
53ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f31197f3d33768943e115e18beb58eb689d99db7b9a6509c38d826e2049d9223

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: 857dcf27-69ba-45ae-8eaa-3f525d79d2d4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8d37890fcb6150bef67a2e23abae8935f5b4937453f2d4ae5a677693fed38622

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 45ms
45ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=GrVComq83JzCSLK1pi9waoyR&bidId=2541ad0ff17beac2&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
119 B 85ms
85ms XHR
text/plain 52.29.78.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&bidId=255036a486d2b97f&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.4.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.78.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-78-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Feb 2020 18:52:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
vary: Origin

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 26 B
876 B 253ms
178ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%222565a3f06870b7a4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22257b43f21dad4871%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 518c3e3856edb5330757186eecc7a57d7e5f90329837648076eb22d364106150

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 46
Expires: Mon, 03 Feb 2020 18:52:02 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
39 B 49ms
48ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55f699823a6ee5e8-LHR
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 11 KB
7 KB 164ms
164ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&tk_flint=pbjs_lite_v3.4.0&x_source.tid=4fa6c7ec-8267-4914-9988-1c391f345f22&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2743134733776791
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: b3954082785b943aabdbdb60222c1e235a0c474792656596547f3c66f4d18e57

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=497
Content-Length: 6139
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 175 B
366 B 214ms
214ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=4fa6c7ec-8267-4914-9988-1c391f345f22&nocache=1580755922259&pubcid=2ce327aa-473a-4d61-8de8-f7d4a9a8b998&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90&divIds=bleepingcomputer_728x90_320x50_InContent_1&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash: 9d736c38177155502957abff98a8fe085ad818b88acd6fa0a17e9e9b0b81460f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: gzip
server: OXGW/16.174.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F1D5 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755922.dop101.lo4.t,1580755922.cds250.lo4.hn,1580755922.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902502
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F1D5 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250505
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F1D5 160 B
1016 B 41ms
40ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6dc1da3d8bd6f59b9f852c2d747ee4179f2b659695fe5561573341d6bf240629

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: 89ea6615-61f1-4d90-bb52-27daf0ad6f31
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F1D5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 08af43bcf27795d56a53dfd361538049c488e783ab61e2c109c692829b3300e1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F1D5 160 B
1016 B 42ms
42ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e134df315beda0f922f11c3c946d3d72725dba3174969d025bcea3cd4b7833d3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid: 3936722b-8f53-43f1-8cdc-ec48a09bc0a6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F1D5 44 B
604 B 69ms
69ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2299975ed2%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=99975ed2-2b36-48bf-8e50-c6b8c118c559&pv=99975ed2-2b36-48bf-8e50-c6b8c118c559&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3aceb31392aac2dd1b2ede83d5d4c76b86a90c5f0042cd891ebd3895a5b9a99d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 348 B
238 B 446ms
446ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

199da3c79fa489812c5a5181008b8518500e01c612d9833ce70086e7bb8cb717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F1D5 20 B
320 B 97ms
97ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=99975ed2-2b36-48bf-8e50-c6b8c118c559-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:02 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F1D5 0
217 B 34ms
33ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=99975ed2&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 94ms
93ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4e901e554de6f650382e60398457635d5c54bdac727d3276a74adf69db3e1738

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 913

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
235 B 444ms
444ms XHR
text/plain 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

649a4c0f1067d82624e19f3f1af536c3518a03f590f02101465711ee8d2d8c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 03 Feb 2020 18:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 157
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 39BB 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:02 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755922.dop101.lo4.t,1580755922.cds250.lo4.hn,1580755922.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902502
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 39BB 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250505
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 39BB 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b86846d83a968c0b2af653f318a2c271fdea5a834972fa6cf4f7a61de25d3c46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.15:80
AN-X-Request-Uuid: a1d4f476-332a-404d-9f11-d0b3d5ba52bf
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 39BB 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 77302794724e64645f5a4a28096d757acfc92339a8faadca76af5b5d607fe3c7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:02 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 39BB 160 B
1016 B 40ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4687d3d846353cbcf2bf7a13050aa800c888cb79fabb19b61ebd919954af7d61

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.90:80
AN-X-Request-Uuid: b34783ea-85b3-47d6-9e22-c7207758e5e4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 39BB 44 B
604 B 93ms
93ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22b26167cf%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=b26167cf-c888-40d5-8d8b-665d6a02085d&pv=b26167cf-c888-40d5-8d8b-665d6a02085d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

03f9b0c07587fddf153526f4a2bcfd0e1ef1e1508769558b28ed883943d79985

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:02 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 39BB 20 B
320 B 105ms
104ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=b26167cf-c888-40d5-8d8b-665d6a02085d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 39BB 0
217 B 34ms
33ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=b26167cf&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 122ms
121ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: a0832629b6a7b8575094f627b424367a8a6d543ec8e54062877ea4eca4d6cc07

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:03 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 35ms
34ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 88b86b9925075451f35d076bcdf5981e2710f880475bcfa85a04bb671cfcb696

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:03 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E499 42 B
110 B 28ms
27ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0o0aQtgMLCQKy5sGvfoyP-U1vwB2HtXtRrcMoP0-RR8-86_sRdJpQsu5A6G3QifwclTNQicY5kkqMWOMe4p8M11ahY1GqHeFbYlB6gU9JG2Gkce9gJ1qq9q7P6A&sai=AMfl-YSO2HKXcbfrMpjQ5zg2HHeoHFhl0yXR5oSA2956VqJB9nm_9sOo2L9ZojvJYq29BxBwlFVO5A2mZXESjXIcXCBCg5M1beZZBZLIax6FOgT7odxrpiPebDx8N9Q&sig=Cg0ArKJSzHVd78E18DfjEAE&cid=CAASF-Rozp_NA14z6nEA8eYWwbd6THYvdaTK&id=ampim&o=315,146&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=158&tls=1159&g=100&h=100&tt=1159&r=v&adk=960084856&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0C45 42 B
110 B 46ms
46ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9cm-bauCl3fz4PQ5uonSgG1pj_yP-ntpNsq905WFQqxSc2Ov4EadTckA7cuXrwkDQ26UW6V2bBLQuh3lAJWlSOUb0PuxKbvJvattofWEX3UhpYsiDrx9-nqN6Xw&sai=AMfl-YQg_lXV-QmmycqWWvA0aqzlvdZxFmVRUGOUYuLvbX0yO16CD1MlAtGUVIvSgafYqqOiE3TXzZQapzBB9zzeDE07qEckr58oLVHI7s1jU84jRW95-kbLvM4B7_Q&sig=Cg0ArKJSzKwicB_SBcpIEAE&cid=CAASF-RookdWgsr4CWvzrL0jY-YkdtftOsAi&id=ampim&o=1082,487&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1005&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&tfs=104&tls=1109&g=100&h=100&tt=1110&r=v&adk=771041174&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:03 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6197 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:03 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755923.dop101.lo4.t,1580755923.cds250.lo4.hn,1580755923.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902501
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6197 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250506
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6197 160 B
1017 B 38ms
38ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9ffd0b4547346d8b1c54c254bfdb1106ef1e1300be1d2b35b4742f1a43158b68

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:05 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 6f06858e-4c0c-4f9c-90ab-7f56e1bb0a44
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6197 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8d01caf4744f00ba7d61ce8f4e7d6c8b7b268d13dbe36d5ac8cac0655494f9da

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:03 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6197 159 B
1016 B 42ms
41ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b86e54c0ce2872278732808a265679f9590a4501fd38d108a86baf47363659eb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:05 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: 0415ed8e-139a-4efa-b288-02bf78421831
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6197 44 B
604 B 71ms
71ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f55474f5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f55474f5-61a2-46e5-9c84-d9e1c2ff9c63&pv=f55474f5-61a2-46e5-9c84-d9e1c2ff9c63&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

4d4133ba0c50afb5f3fcf785348ff133580a06c051cf49f64fd7c09268af4fcb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6197 20 B
320 B 110ms
109ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f55474f5-61a2-46e5-9c84-d9e1c2ff9c63-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6197 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f55474f5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 190ms
190ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3b961c51d0944664cd421ea49cc423939eefcdc5a296de8480e3b897f6a5be2a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:03 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 911

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 118ms
118ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: a0832629b6a7b8575094f627b424367a8a6d543ec8e54062877ea4eca4d6cc07

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:03 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3D0C 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:03 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755923.dop101.lo4.t,1580755923.cds250.lo4.hn,1580755923.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902501
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3D0C 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250506
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D0C 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

077975983a28218e6dbe7fb817bf69cbc0aecaa07b41df57f34f837b67c698a3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:05 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid: 327c4622-78c8-47e8-81cd-391580d39420
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3D0C 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3fd0dca929cacb337e5777215f4e60bcbce3effe6bb25ede7e4854f36ef46df6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:03 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D0C 159 B
1008 B 42ms
42ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b2bce66de264a32e352d0d3dacda1ad9a0a7fba714dca13cf408d8ccf7406b4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:05 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
AN-X-Request-Uuid: 04f733ee-c46d-4ba7-9841-fa77360602d6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3D0C 44 B
604 B 74ms
73ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22dab69560%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=dab69560-96d9-4c72-9a6b-6640b1e48f49&pv=dab69560-96d9-4c72-9a6b-6640b1e48f49&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

78a6688025d4973dc4c15b26ae0c82bc2d4803b13966e355556fa2cefd73923a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:03 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3D0C 20 B
320 B 162ms
161ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=dab69560-96d9-4c72-9a6b-6640b1e48f49-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:03 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3D0C 0
217 B 34ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=dab69560&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 129ms
128ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3c9395fe1509346d67a347fa2aece90dfc1759e69884dac85e15e34fa04bbb48

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:04 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 892

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame FE57 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:04 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755924.dop101.lo4.t,1580755924.cds250.lo4.hn,1580755924.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame FE57 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250507
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE57 160 B
1016 B 47ms
47ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ee5e2388a94b357923c1b9eb6da63a66d1104521207693492b769f42c5fe1608

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid: 6bf529ca-5083-4435-aaf1-158cd526cd78
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame FE57 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a31cf92b9a59b8fecdc5773e3c165c542f4516fdfeb7e8f80b1d40cc639bb337

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:04 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FE57 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9cb178771082749c68446aeff47e90df654d81670c9a6adb09454fae85567364

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: 16ea4b6a-aca3-43bc-97d2-9e4481464e28
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame FE57 44 B
604 B 52ms
51ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22d671df10%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=d671df10-095c-438a-847f-309ec90b4743&pv=d671df10-095c-438a-847f-309ec90b4743&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c1edb15d88c54bc6633d02b208cb8aafbd98ac2db477e4c3efda964658440e8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame FE57 20 B
320 B 101ms
101ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=d671df10-095c-438a-847f-309ec90b4743-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame FE57 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=d671df10&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 271ms
271ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d18ff73f3f4b4b51847b286484687e348714446f4e1026d894e49f84e8184165

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:04 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 09D2 421 KB
94 KB 30ms
30ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:04 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755924.dop101.lo4.t,1580755924.cds250.lo4.hn,1580755924.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902500
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 09D2 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250507
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 09D2 160 B
1017 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

651c84479fe22f8e4fb73a23cf731dfa6944eb8b36b72e9d0525bd69e026da6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.122:80
AN-X-Request-Uuid: e7f2ffdf-5dda-49a2-8302-cce7557abf98
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 09D2 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 321e40ea279bae6d59fa2e41454f16e66e06d64a0297d3dce847e07fc90b6e0b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:04 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 09D2 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

96d6ce9b82ef9fc7a0dec8559ac18ce8ab9c2f45cc5263346f5b5b08c81bd247

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: c08a4206-6dbc-42cf-8d1f-a24849ebeb25
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 09D2 44 B
604 B 81ms
81ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220e635904%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0e635904-f450-4085-9e73-81e1e4100bcc&pv=0e635904-f450-4085-9e73-81e1e4100bcc&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

06ccce22395fc2935ee0b86b884d90cc601fb85b800f2e8a210e16e32cff9551

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:04 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 09D2 20 B
320 B 163ms
162ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0e635904-f450-4085-9e73-81e1e4100bcc-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 09D2 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0e635904&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 98ms
97ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:244,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:358,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:317,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:338,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:279,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=c6a72dd2a35f2f66576b1580755925081&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:05 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 144ms
144ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ad2357ee89849387d282e90f69cc4e95533b37a6b7cdf3b76d1765a4b5cb7297

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:05 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 905

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 78B7 421 KB
94 KB 25ms
25ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:05 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755925.dop101.lo4.t,1580755925.cds250.lo4.hn,1580755925.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902499
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 78B7 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250508
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78B7 160 B
1016 B 38ms
38ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

fe1fa7ba1f8dfd3e8def1ed380790538a0bc5009c83116555e00e121103a947c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:07 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: 4a478f90-9ec0-4125-84ca-41ebcec2b821
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 78B7 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 9084a5abab1d10095fabcd0768cd393b43a554ced6549992d5997c56bf65e4af

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:05 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78B7 160 B
1017 B 39ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

394b94090b7fcd768b272ee93aa5c6f64c6da5fb1880dada2a0e43d2e445b56d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:07 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 24018ef8-7148-47b1-89c0-469d0f821e8f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 78B7 44 B
667 B 47ms
47ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22cea1e9dd%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=cea1e9dd-c9ce-4617-a71b-0720254f1aed&pv=cea1e9dd-c9ce-4617-a71b-0720254f1aed&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a35b8d2b1852ef52a1c247b05a67de8c6238b9bcfea7d1e88926c921531a3a01

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:05 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 78B7 20 B
320 B 103ms
102ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=cea1e9dd-c9ce-4617-a71b-0720254f1aed-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 78B7 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=cea1e9dd&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:05 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 449ms
448ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1e9680607f0a33fa700e4c84bff82005c06b77fb8e6739744023126ad8348fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:05 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1148 421 KB
94 KB 25ms
24ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:06 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755926.dop101.lo4.t,1580755926.cds250.lo4.hn,1580755926.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902498
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1148 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250509
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1148 159 B
1008 B 43ms
42ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a41b8bc62270c1757fde63539be953ee96c04dbd428c3e4403767a6d2966193c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.110:80
AN-X-Request-Uuid: c52c6a3a-f881-49a2-bea2-f7aa28f504a2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1148 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e03b4d7846cf09a1ab119cf548bc71e70a4cf40d2c4c6e36bd6a13c6ae53e761

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:06 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1148 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8f79c24c07b162b20bc1b38a5ab49c1d32828f1ad86a97aa9b08b15f05381e23

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
AN-X-Request-Uuid: 8104e35c-81a5-4af8-b133-e61f82eed21f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1148 44 B
604 B 46ms
46ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f1536d99%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f1536d99-ea7d-489d-9bde-ef1042e96978&pv=f1536d99-ea7d-489d-9bde-ef1042e96978&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bf3c932a5b0764f8eaa17f0a7d68becaf57101d2af5066a3eeba61d5350234f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1148 20 B
320 B 106ms
106ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f1536d99-ea7d-489d-9bde-ef1042e96978-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 sync
eb2.3lift.com/ Frame 52EE 0
0 111ms
37ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: tluid=14841888454184934068
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQ4PmU44AuCgoI4gEQ4PmU44AuCgoI5gEQ4PmU44AuCgkICRDg-ZTjgC4KCgipARDg-ZTjgC4KCQg5EOD5lOOALgoJCDoQ4PmU44AuCgkICxDg-ZTjgC4KCgjOARDg-ZTjgC4KCQgfEOD5lOOALg==; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14841888454184934068; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7D77 0
0 36ms
35ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921; Version=1; Expires=Tue, 02-Feb-2021 18:52:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580755926|mOsLgqgikin0fcmWiygu; Version=1; Expires=Tue, 18-Feb-2020 18:52:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 983E 0
0 102ms
44ms Document
text/html 95.100.196.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3118898064656377665; icu=ChgIodc0EAoYBCAEKAQw1Nfh8QU4BEAESAQQ1Nfh8QUYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 02 Feb 2021 18:52:06 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 29F5 0
0 115ms
114ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
set-cookie: __cfduid=d479ca00eaca07ca53ff93b6f39e28db61580755926; expires=Wed, 04-Mar-20 18:52:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 55f6999a880ae5e8-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame AD33 0
0 100ms
44ms Document
text/html 95.100.196.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3118898064656377665; icu=ChgIodc0EAoYBCAEKAQw1Nfh8QU4BEAESAQQ1Nfh8QUYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 02 Feb 2021 18:52:06 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 8CDD 0
0 137ms
137ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
set-cookie: __cfduid=d479ca00eaca07ca53ff93b6f39e28db61580755926; expires=Wed, 04-Mar-20 18:52:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 55f6999a880fe5e8-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8AF0 0
0 98ms
43ms Document
text/html 95.100.196.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3118898064656377665; icu=ChgIodc0EAoYBCAEKAQw1Nfh8QU4BEAESAQQ1Nfh8QUYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 02 Feb 2021 18:52:06 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive

GET
H2 200 sync
eb2.3lift.com/ Frame 8324 0
0 103ms
37ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: tluid=14841888454184934068
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQ4PmU44AuCgoI4gEQ4PmU44AuCgoI5gEQ4PmU44AuCgkICRDg-ZTjgC4KCgipARDg-ZTjgC4KCQg5EOD5lOOALgoJCDoQ4PmU44AuCgkICxDg-ZTjgC4KCgjOARDg-ZTjgC4KCQgfEOD5lOOALg==; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14841888454184934068; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7BC2 0
0 143ms
39ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117678
Expires: Wed, 05 Feb 2020 03:33:24 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 2800 0
0 159ms
57ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117678
Expires: Wed, 05 Feb 2020 03:33:24 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 82CB 0
0 98ms
36ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: tluid=14841888454184934068
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQ3_mU44AuCgoI4gEQ3_mU44AuCgoI5gEQ3_mU44AuCgkICRDf-ZTjgC4KCgipARDf-ZTjgC4KCQg5EN_5lOOALgoJCDoQ3_mU44AuCgkICxDf-ZTjgC4KCgjOARDf-ZTjgC4KCQgfEN_5lOOALg==; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14841888454184934068; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 9160 0
0 110ms
109ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
set-cookie: __cfduid=d479ca00eaca07ca53ff93b6f39e28db61580755926; expires=Wed, 04-Mar-20 18:52:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 55f6999a9823e5e8-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame C9EF 0
0 111ms
111ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
set-cookie: __cfduid=d479ca00eaca07ca53ff93b6f39e28db61580755926; expires=Wed, 04-Mar-20 18:52:06 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 55f6999a9835e5e8-LHR
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame BF72 0
0 39ms
38ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921; Version=1; Expires=Tue, 02-Feb-2021 18:52:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580755926|mOsLgqgikin0fcmWiygu; Version=1; Expires=Tue, 18-Feb-2020 18:52:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 40C6 0
0 129ms
38ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117678
Expires: Wed, 05 Feb 2020 03:33:24 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame DB03 0
0 33ms
33ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=89b2e804-9392-4144-aae0-0555f3960da4&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921; Version=1; Expires=Tue, 02-Feb-2021 18:52:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580755926|mOsLgqgikin0fcmWiygu; Version=1; Expires=Tue, 18-Feb-2020 18:52:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2833 0
0 83ms
27ms Document
text/html 95.100.196.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3118898064656377665; icu=ChgIodc0EAoYBCAEKAQw1Nfh8QU4BEAESAQQ1Nfh8QUYAw..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 02 Feb 2021 18:52:06 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame D14D 0
0 122ms
36ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Cookie: rsid=1|Bcy8MVRC7ODdRTOg1ss9JhXtu58fJrGXvHdRGdGfflUb6MffUmLjR8SYYNWIjejNRnPu7DyhH2f6QyjGMzz/K1KrngFWuVYFygsqecqRRkN5zGTGXOMAbP+vG/+NWVuQHruckxUPIC7vzP0zZcc9qMx+RYfwEVE=; ses15=151312^1; vis15=151312^1; khaos=K66T9DHF-A-6SYE; ses10=151312^2; vis10=151312^2; audit=1|hLZGFuTafB1HcFY30uvHMAAAUjyB2/ymVpvw41iuwhq/qimIyVK+mcmOZNlrfnQZ8Wf+CDJvEd7vQn6gbej9EcxuhZpbWKLt+/AMC2wiya8=; ses2=151312^3; vis2=151312^3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 31 Jan 2020 17:16:13 GMT
Content-Encoding: gzip
Content-Length: 7780
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=73095
Expires: Tue, 04 Feb 2020 15:10:21 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame DA66 0
0 124ms
40ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=117678
Expires: Wed, 05 Feb 2020 03:33:24 GMT
Date: Mon, 03 Feb 2020 18:52:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 0F98 0
0 75ms
36ms Document
text/html 35.157.209.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.209.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-209-134.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: tluid=14841888454184934068
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQ3_mU44AuCgoI4gEQ3_mU44AuCgoI5gEQ3_mU44AuCgkICRDf-ZTjgC4KCgipARDf-ZTjgC4KCQg5EN_5lOOALgoJCDoQ3_mU44AuCgkICxDf-ZTjgC4KCgjOARDf-ZTjgC4KCQgfEN_5lOOALg==; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14841888454184934068; Max-Age=7776000; Expires=Sun, 3 May 2020 18:52:06 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 pd
u.openx.net/w/1.0/ Frame D9D8 0
0 41ms
39ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.4.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.1 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
accept-encoding: gzip, deflate, br
cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2ce327aa-473a-4d61-8de8-f7d4a9a8b998|1580755921; Version=1; Expires=Tue, 02-Feb-2021 18:52:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580755926|mOgikimWiygu; Version=1; Expires=Tue, 18-Feb-2020 18:52:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Feb 2020 18:52:06 GMT
content-type: text/html
content-length: 373
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1148 0
217 B 43ms
42ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f1536d99&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 529ms
528ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6c559ba8443a111bb464cc9e5bcb694d1cdbe39479ab138acb3e8b1b62ddb0a2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:06 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 0316 421 KB
94 KB 25ms
25ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:06 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755926.dop101.lo4.t,1580755926.cds250.lo4.hn,1580755926.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902498
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0316 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250509
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0316 160 B
861 B 50ms
50ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

89860af8ae644ee015055c924ad0a305072b2d8cbd96648368bd13d5d808fb19

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.25:80
AN-X-Request-Uuid: bb33fcca-7cbb-42ed-8cc3-607b5df117a7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0316 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d996ddfcc4de7608d154e07f796014062ab6940feea583731f42c1b54b3ca823

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:06 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0316 160 B
861 B 42ms
41ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e21bfe3921375ce770d2ca99b23c28920932b7c3d26dfb3d70bcc6f4d25a474a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: b1099d10-f640-4ae6-ba38-6b68333be159
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 0316 44 B
667 B 58ms
58ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%225ed1607d%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=5ed1607d-ac21-4b6c-810d-98d05c65bfaf&pv=5ed1607d-ac21-4b6c-810d-98d05c65bfaf&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c7d1db3ee30eeab0dc82753ea00f9193186f7944f72831f4a94b935f14c59777

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:06 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 0316 20 B
320 B 108ms
107ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=5ed1607d-ac21-4b6c-810d-98d05c65bfaf-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 0316 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=5ed1607d&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 44ms
44ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1fb26c428dd36034dd4a9af8e842326a95ab938a60b10d62450d56dae38c0488

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 919

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame E5AA 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:07 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755927.dop101.lo4.t,1580755927.cds250.lo4.hn,1580755927.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902497
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame E5AA 29 KB
8 KB 22ms
22ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250510
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E5AA 160 B
861 B 36ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8be87871153eee7eee18dafe9673bfc86b1a881965f010b1f3bf55f30647f697

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 6475608f-6c24-477a-b1a9-dcf9fa701ca0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame E5AA 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0f15caa0200c68058bdb77e22e03f811244191d8dd64b27de045036e394df10f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:07 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E5AA 160 B
862 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d49bd672e410bef14ff774baf2e17623881826100a9564235a34a5f3e76c62ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.200:80
AN-X-Request-Uuid: f0945b78-fa82-4fdd-a776-e644c7922ccc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame E5AA 44 B
604 B 43ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%222b18d1e7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=2b18d1e7-45a2-465d-8a06-1a9f8f745570&pv=2b18d1e7-45a2-465d-8a06-1a9f8f745570&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

976c05e6ba8b5535d4fde597b7645f1d3054d3621fddacfa5bd313242341ae46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:07 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame E5AA 20 B
320 B 103ms
102ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=2b18d1e7-45a2-465d-8a06-1a9f8f745570-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame E5AA 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=2b18d1e7&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 77ms
76ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4bf4e7618633314ef56d9a33bf21ca7d169462da4fd00e96c1fae3430b5dd9ba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 913

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F1C3 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:07 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755927.dop101.lo4.t,1580755927.cds250.lo4.hn,1580755927.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902497
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F1C3 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250510
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F1C3 160 B
862 B 42ms
41ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

940ffcfb52c8e1c865ae2eb2dbb4040e7b693539c79c6fda3a2dd5b8eec8671f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.187:80
AN-X-Request-Uuid: 1d37d0d4-8c59-4614-ba47-6a0bfe9fedbc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F1C3 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0200d7a290ce2258d613d6c028ff3da2e9c6e5d0256bb751ee44d2279dac87ca

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:07 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F1C3 160 B
861 B 37ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a7e9a1102912cc3aee77ea683abdb91c8a910dce31dddc19ff6f41f5e53387ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid: c535bbf7-efc4-4c0c-855a-0874e086ddb1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F1C3 44 B
604 B 115ms
115ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%227217e5b6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=7217e5b6-705a-4999-a712-7f5b0a41099d&pv=7217e5b6-705a-4999-a712-7f5b0a41099d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a2e673d93c9b970ff3ecfd46d7276c73a7287052304b27970569baee96415d16

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:07 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F1C3 20 B
320 B 102ms
101ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=7217e5b6-705a-4999-a712-7f5b0a41099d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F1C3 0
217 B 36ms
35ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=7217e5b6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 40ms
39ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fbd27a436cb3a0bedbd617f51c0e37f466bcb29a61bdab7244b0d42441eae41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 918

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 38FC 421 KB
94 KB 28ms
28ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:07 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755927.dop101.lo4.t,1580755927.cds250.lo4.hn,1580755927.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902497
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 38FC 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250511
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 38FC 166 B
1 KB 62ms
62ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

701727b3547d5a97352e87afbe2f638a098f96c88462ee6ac8ec8a9b106563e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.176:80
AN-X-Request-Uuid: 14871941-3864-4252-9bc9-d1629dfcdad8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 38FC 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 928678ab9bfbb458d9a76ff42e8e4c838596d59bf6dd01b147c08df25d8c40b7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:08 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 38FC 160 B
861 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

cf7feca75143377d0c374302bf7684dce261ecf42fc833ef110ad5586dfe02fe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid: a7c2b487-3606-4967-ae79-453a04a6bd58
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 38FC 44 B
604 B 48ms
47ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22532a9304%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=532a9304-9881-43e2-9a47-3bb95abebc5a&pv=532a9304-9881-43e2-9a47-3bb95abebc5a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ed36b6334bd1a7b6cceb88de426bea72a59ea90ac868cc02fd6fbce9afdcaf5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 98ms
98ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:360,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:284,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:263,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:275,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:251,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=dcc3628db1088660deb11580755928081&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:08 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 202ms
102ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:354,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=0e210b4df30f51a3400f1580755928081&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:08 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 38FC 20 B
320 B 110ms
109ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=532a9304-9881-43e2-9a47-3bb95abebc5a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 38FC 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=532a9304&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 48ms
47ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 97e5e414dc009ec1ce8867f4779b492d13da7201a1f1c1993c73e90f5b1093cf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6C99 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:08 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755928.dop101.lo4.t,1580755928.cds250.lo4.hn,1580755928.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902496
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6C99 29 KB
8 KB 22ms
22ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250511
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6C99 160 B
1017 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

65febf3c59ff4fea5dd7c8a921987fa87d75a2b229f54f556e1d13a922511728

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.123:80
AN-X-Request-Uuid: 3c128ecd-4f92-4edc-a96d-b4229af3b470
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6C99 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a6082f8b936b54ddda9501b76f01328fc819d601501399e4b773462fe6755b7e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:08 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6C99 159 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

101a273ce6b9c03b0cbe62431209b17fe2432f3c4bf85bf66b7fc9b2b358d4ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.254:80
AN-X-Request-Uuid: 0f4c32de-d9a5-4985-8cc6-f56bd75e98a8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6C99 44 B
604 B 82ms
82ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2230c9b545%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=30c9b545-ed8a-4a8e-9582-3cc94bcb1a5d&pv=30c9b545-ed8a-4a8e-9582-3cc94bcb1a5d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f3671fb18cf8e5d01b75143295430617e1e223d940fcfca5a5c53780b1e011cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6C99 20 B
320 B 103ms
103ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=30c9b545-ed8a-4a8e-9582-3cc94bcb1a5d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6C99 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=30c9b545&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 34ms
34ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bc6cdb31f8e6673490af0c302a44d803ef9de7450c293d488fc7afa00f87fea0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 904

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8FDD 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:08 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755928.dop101.lo4.t,1580755928.cds250.lo4.hn,1580755928.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902496
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8FDD 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250511
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8FDD 160 B
1009 B 51ms
50ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

beba778d933f03e32209f04118a470d1a495dc6f2230ea16234bdde4d69fcac1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
AN-X-Request-Uuid: 4aa93049-1cdd-4d9d-ab24-780bef9625e7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8FDD 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3535267bd0d3f037e1333df3230240a6d80ce5e6b02982ade06d64053e6f4ec9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:08 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8FDD 160 B
1017 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

91eeb93a271ada6aa5fa29560a26c83252e82740fe5fe251500352e541780291

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.123:80
AN-X-Request-Uuid: 66da1cff-8977-459a-a024-69dee2a4fedf
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8FDD 44 B
604 B 49ms
48ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22d9bfa180%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=d9bfa180-a78c-4b02-8a80-b7f7a8301299&pv=d9bfa180-a78c-4b02-8a80-b7f7a8301299&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

9a7575444f13af5803964be6134b7c6959919a987359de6400ba8f133422ffe7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8FDD 20 B
320 B 121ms
120ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=d9bfa180-a78c-4b02-8a80-b7f7a8301299-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8FDD 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=d9bfa180&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:08 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 34ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ed6a9b0e192b74d80769eef3f76e9b81bab1e624c24ce7a864493466acd085ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame C318 421 KB
94 KB 24ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:09 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755929.dop101.lo4.t,1580755929.cds250.lo4.hn,1580755929.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902495
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame C318 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250512
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C318 166 B
1 KB 47ms
47ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

263c4637ed52864fcbdebc4719fcd8023796c005daeffd972fb10de0060031be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.244:80
AN-X-Request-Uuid: c011335d-a74a-4e0f-b901-08862f777b76
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame C318 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5754e8bcd0d36bf11a88296fe8116a5f26d6ca288c3a39756ae75c9dbf446aa0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:09 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C318 166 B
1 KB 71ms
71ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

518b2f8d23685cc5bf3e8771181dafc9f2ffdee54de7e495523d68f7960d6185

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.166:80
AN-X-Request-Uuid: e17a4308-7aeb-461c-9564-6ce5a1fbfda7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame C318 44 B
667 B 48ms
47ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22c8f0fc81%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=c8f0fc81-e16c-4ff9-a6ca-f599f7c4c2ac&pv=c8f0fc81-e16c-4ff9-a6ca-f599f7c4c2ac&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3c877240e9f70e73d364949fcf2858c0a63c4c5ebb219d46b2ce58667d271fdb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame C318 20 B
320 B 112ms
111ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=c8f0fc81-e16c-4ff9-a6ca-f599f7c4c2ac-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame C318 0
217 B 91ms
91ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=c8f0fc81&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 40ms
39ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 869c9f9cbfb6924e8a9f5f8fb41a7f6d2b06a4bb49751c238a300a1cdb536017

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:09 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 915

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame EF73 421 KB
94 KB 76ms
75ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:09 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755929.dop101.lo4.t,1580755929.cds250.lo4.hn,1580755929.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902495
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame EF73 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250512
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EF73 166 B
1 KB 100ms
99ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6879618d482d845b7cd8de78737aa92b2b0910508957fa74e2f3e0fedb724896

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: 53faafdc-2c69-40ad-8ec4-19c06cf357db
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame EF73 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 416da4a147b4eaa2b133a1a1eb63b5a8e7fa928e067122f26d5a7bc2fcf73984

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:09 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EF73 160 B
1016 B 36ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

53c125002f46d7dae6f0b8fd0f4f07c436a693469f3f295087de043dc146031e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.16:80
AN-X-Request-Uuid: ff6972a6-2233-4af4-b739-de94eb1ca332
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame EF73 44 B
604 B 132ms
79ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%224eb36dd0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=4eb36dd0-ce10-4567-8431-8feafa884d55&pv=4eb36dd0-ce10-4567-8431-8feafa884d55&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

122acc03268b561f442a26b979bd28c6258a4eab3a22f15e6104fa09f93f30ad

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:09 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame EF73 20 B
320 B 199ms
136ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=4eb36dd0-ce10-4567-8431-8feafa884d55-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame EF73 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=4eb36dd0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4233244a4ea795124a84f63edba7922155ecf752891c556c81f343e151a581b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:09 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8E91 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:10 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755930.dop101.lo4.t,1580755930.cds250.lo4.hn,1580755930.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902494
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8E91 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250513
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8E91 160 B
1017 B 36ms
36ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a08f246149b868dff5ae2486e73bcffb08ee85ed5bc56db25a96a0ad28617af1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.173:80
AN-X-Request-Uuid: 4599e477-25be-4dbf-9d85-fcccf683098f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8E91 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4e6ce4d1ced611bf95a26b56bb27aeee51ed7dd0838f748a36c61c5ca457fa08

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:10 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8E91 160 B
1016 B 39ms
38ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

988c06bbac4e090f84bd31495d6053e5af6a424d1949d15cedae16400a23ff5f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid: ebd65eab-0f1c-4dfa-92f4-5ab206e085a6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8E91 44 B
604 B 98ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%229078f719%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=9078f719-422f-4f84-8079-9843070b5fac&pv=9078f719-422f-4f84-8079-9843070b5fac&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

88ebb66de3331eb24cb56e0fdbad225bce36716a8e85cab72f2cdd8405ca27d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8E91 20 B
320 B 162ms
100ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=9078f719-422f-4f84-8079-9843070b5fac-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:10 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8E91 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=9078f719&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a56669f7e6d45c53dab105241533c70d07700c6e2e2fb5dc1ac0dd1119038154

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:10 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 914

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 2C82 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:10 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755930.dop101.lo4.t,1580755930.cds250.lo4.hn,1580755930.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902494
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 2C82 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250513
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2C82 160 B
1016 B 39ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bb6de9d08c978260fa6ab8d15c1388a38311b7d8a4feb48ade89bab73d27b249

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid: e23f51b4-cbb9-42a6-892f-127a84319cda
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 2C82 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5530acea889113dde550780da87615872823f45d71bde1d0138fdc5e2da4b52e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:10 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2C82 160 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3bf9e60726c4f84f4e72d2115897d1095939c69879bfc1580a5907f112d47714

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.51:80
AN-X-Request-Uuid: e37af384-06db-4385-92e6-656159d2feb8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 2C82 44 B
604 B 43ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220479c9ec%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0479c9ec-5b0b-4f4f-a1f6-6112d5f5e915&pv=0479c9ec-5b0b-4f4f-a1f6-6112d5f5e915&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e0cea41fdaff2d58e31fee4e0f582d04f9e5f6825deac72c79d2f9d5c4e7024f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 2C82 20 B
320 B 100ms
100ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0479c9ec-5b0b-4f4f-a1f6-6112d5f5e915-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:10 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 2C82 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0479c9ec&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 34ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6800d50a3ca73f4a63fb758f8cc41e920de0ed920ec64d39acb78f58edc52cb6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:10 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 5DA6 421 KB
94 KB 24ms
24ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:10 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755930.dop101.lo4.t,1580755930.cds250.lo4.hn,1580755930.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902494
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 5DA6 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250513
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5DA6 160 B
1016 B 276ms
276ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

dad4b2f69ecf1d53c96a4f27fae1ee718668756604eb6e92e3c4d1eca4dfac46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid: 19e05042-1569-445a-8a94-7635dd9c0b0a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 5DA6 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4630e04faef7e76236283e2e47cd2529bcdfbe32126d49b9ee0070ee3faef5e6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:10 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5DA6 160 B
1017 B 43ms
43ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

de2fb045962f9a8296004fb25a5380ac9c846b5e5b73c99f948a83d20bb387e4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.166:80
AN-X-Request-Uuid: 3aa2871a-ebca-4fb5-86d7-5bd5c280244a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 5DA6 44 B
604 B 68ms
67ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22b459a46a%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=b459a46a-c0d5-4dd4-b877-794c6dd34df4&pv=b459a46a-c0d5-4dd4-b877-794c6dd34df4&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0a11ba4dbce84f50667571a501e3f02ad0bdd908a1812f182ee65cc50af66348

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:10 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 97ms
97ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:239,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:356,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:507,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:344,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:260,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=c3a2f05bb3f8025df5461580755931082&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:11 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 103ms
102ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:314,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:324,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=77e5b9c38bc359c440111580755931082&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:11 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 5DA6 20 B
320 B 106ms
105ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=b459a46a-c0d5-4dd4-b877-794c6dd34df4-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 5DA6 0
217 B 32ms
31ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=b459a46a&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 96cf20d1899788e9e805473a337cd23da1a997efdd5796e89b4400835ed374d5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:11 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 915

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3E70 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:11 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755931.dop101.lo4.t,1580755931.cds250.lo4.hn,1580755931.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902493
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3E70 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250514
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E70 159 B
1015 B 36ms
36ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8618c7bd9bf188e239297cac4690006f84ed10bc13ea2f812d938cf2ec033f7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.25:80
AN-X-Request-Uuid: a4b22c49-2340-46c9-970b-3c25a859e04c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3E70 150 B
340 B 13ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4cc59f7b78da1a8b38b5342e6a1b1d017a2d2467d9913846d7ced138ead60874

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:11 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3E70 160 B
1017 B 44ms
44ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

17e957e1ef9550810f5a5671ec360818b3f0f301741d10d6c454af89306e97f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.113:80
AN-X-Request-Uuid: 05f0e0ee-b163-4437-ac03-72428e7d1283
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3E70 44 B
604 B 257ms
204ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22ad00f63c%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=ad00f63c-c0d9-46bf-b605-a00ee9731c0c&pv=ad00f63c-c0d9-46bf-b605-a00ee9731c0c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

cea29ae7caf26d487a42645daccff679d16fa7946df0cd7f6bb428c9d0a5e200

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3E70 20 B
320 B 103ms
103ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=ad00f63c-c0d9-46bf-b605-a00ee9731c0c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:11 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3E70 0
217 B 35ms
34ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=ad00f63c&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 35ms
35ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6020fa6914057cbd6a250ff8b2442c3ec62c2fdee26e2a58299b37e3597dafbf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:11 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 0661 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:11 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755931.dop101.lo4.t,1580755931.cds250.lo4.hn,1580755931.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902493
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0661 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250514
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0661 160 B
861 B 36ms
36ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ebf7bffae72f2c78f29a1f7132d251d2021ff8da2f48a1f187a17775c9af43a1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.49:80
AN-X-Request-Uuid: f63cfd65-e06b-47cb-8326-4b736f334b88
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0661 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 766d238937bd9916fa02474800676d8af1df81ec44f312f57d774971d538e5a8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:11 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0661 160 B
862 B 39ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e19724cd1be4acbfe57bfdbb4039b62e22457f9bd5eba70f658bf8656996ab2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.121:80
AN-X-Request-Uuid: 69721473-a889-4af1-8c89-af59a3d361ef
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 0661 44 B
669 B 100ms
47ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%225a5fe6b5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=5a5fe6b5-37e2-40da-abd4-58b388f65b4b&pv=5a5fe6b5-37e2-40da-abd4-58b388f65b4b&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

f35d60e64ca30d036936395a507bc0b54d5da86e04dce3ffc04c0759569b0e31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:11 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 0661 20 B
320 B 170ms
105ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=5a5fe6b5-37e2-40da-abd4-58b388f65b4b-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 0661 0
217 B 34ms
33ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=5a5fe6b5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
32ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aacb699b1ff6ee33c47c873a9d9babea6ff426f6c8145f3b1f402bdf51c68f11

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 919

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 84D5 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:12 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755932.dop101.lo4.t,1580755932.cds250.lo4.hn,1580755932.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902492
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 84D5 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250515
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 84D5 160 B
861 B 38ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

369dcf64c729554dd7bdb119d702a3af57b1fd904cb9388a0f564b8ee1f46f8b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.51:80
AN-X-Request-Uuid: 21076034-84a4-4985-9a37-4c647c2212dc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 84D5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0b4e5dca6d42c7ccf8fc26e17845e42da2e182f2d812f010680ab91679799e6a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:12 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 84D5 166 B
1 KB 63ms
63ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8c7bc02fb09d1c08c5638c34bfcf436d7ea41e4b4c8dc05898a6dad92138cb5c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.48:80
AN-X-Request-Uuid: 799470b3-5bbd-439b-bcf2-f10902a4b418
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 84D5 44 B
605 B 113ms
58ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22418e18c6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=418e18c6-3440-4831-9f2d-bb7d6d803a1f&pv=418e18c6-3440-4831-9f2d-bb7d6d803a1f&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

baf1d3f064f9d880a2c4d1f98b1cc798557233d6d181828180d600ff1f6b2822

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 84D5 20 B
320 B 220ms
156ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=418e18c6-3440-4831-9f2d-bb7d6d803a1f-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 84D5 0
217 B 34ms
34ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=418e18c6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ddc558682b1397b410087c34b4174a3d5891a0aed6243d9c94768c7d60e281e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame A3B9 421 KB
94 KB 22ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:12 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755932.dop101.lo4.t,1580755932.cds250.lo4.hn,1580755932.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902492
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame A3B9 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250515
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A3B9 160 B
1009 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f01fec33ad513f73c7b204d93dc047b4d9a0aadc73ffc379af2a021f93a44993

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.106:80
AN-X-Request-Uuid: 33e3955c-3e5f-42e3-90c9-03ad128c83d8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A3B9 150 B
340 B 13ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3ae5561ec67cce55f10098548f2030669ea41b9465c28a4e305be994e3fc1133

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:12 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A3B9 160 B
1016 B 36ms
36ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

627033427a71f698af725458d6b686d55c4422762a606e18ddbf3ca4bfeaf0c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid: 2abaaef2-1fcc-4999-b0aa-68604ebf00ca
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A3B9 44 B
605 B 59ms
59ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22da80253a%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=da80253a-b3c7-48f7-899f-ca44ae13f0f1&pv=da80253a-b3c7-48f7-899f-ca44ae13f0f1&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

264f5c8e48543e8bf7c9a7e7033fb61a8cca74fc99094decaa31f6caad75bee0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:12 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame A3B9 20 B
320 B 102ms
101ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=da80253a-b3c7-48f7-899f-ca44ae13f0f1-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame A3B9 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=da80253a&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8ba582c213b4d9ff71e0731194b3f218feb8895ee840caa1e0e3acb4cc0ba37b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame E75B 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:13 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755933.dop101.lo4.t,1580755933.cds250.lo4.hn,1580755933.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902491
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame E75B 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250516
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E75B 160 B
1017 B 44ms
44ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

009ab43082dce45bc997a40b7d905473fe56bc7b7f2bad93e55a504b383c0203

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.199:80
AN-X-Request-Uuid: 34a01ae6-c127-4e59-b2d8-fcaecfeb1b30
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame E75B 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 455759bee5ad6b16b5881ca0740c552caa5deecf8b641405f6d69f13b3d15545

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:13 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E75B 160 B
1017 B 38ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d24cb9eeff44ebf1a7427f4966f54a70f6c246feb9869458ed8e94995df0ef4f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid: 799565ea-6eed-4f05-80eb-5642cf035edd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame E75B 44 B
669 B 76ms
76ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221e2317c0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1e2317c0-1aaf-47fb-81c2-871ad9aaa29a&pv=1e2317c0-1aaf-47fb-81c2-871ad9aaa29a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

23987b015b6f5ae4c2985fc517de6c811226614ef65fb5fbdf52f35cdc1f5c81

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame E75B 20 B
320 B 101ms
101ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1e2317c0-1aaf-47fb-81c2-871ad9aaa29a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:13 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame E75B 0
217 B 33ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1e2317c0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
32ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 371c70312b7c4429a00f4bd98b4bdc74427c1ba16433010aeccb422c09d3964b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:13 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 655F 421 KB
94 KB 23ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:13 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755933.dop101.lo4.t,1580755933.cds250.lo4.hn,1580755933.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902491
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 655F 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250516
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 655F 160 B
1017 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

146d99745580440061491a9bd14ab83d5d83fc26a1d7d6ec6ee2fde50f146368

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.111:80
AN-X-Request-Uuid: 5454b83a-d29d-4e7a-9771-2029d7f28668
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 655F 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0ca632cab81646faa240b95e576fc65d24870febc2f9466b97a650a3d1469920

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:13 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 655F 160 B
1016 B 40ms
40ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

18c00f32545db04b734e2d2fdd67159d0cb75db3c796bea0959e15da68b86fb1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.50:80
AN-X-Request-Uuid: d42e84dd-aba7-4fd9-b130-9b585aad972c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 655F 44 B
605 B 111ms
111ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%222a9d5027%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=2a9d5027-ba34-4c79-aa87-31f6c1710776&pv=2a9d5027-ba34-4c79-aa87-31f6c1710776&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bf8f9e61a5f9385174a80bfc41510b2744742d2b6b4cbf22e421ef89656dca86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 655F 20 B
320 B 98ms
97ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=2a9d5027-ba34-4c79-aa87-31f6c1710776-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:13 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 655F 0
217 B 33ms
33ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=2a9d5027&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 53dfd289dca2b5ae738729140561756d2fe67ea5b149820e3e0758adafc625c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:13 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 894

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 357E 421 KB
94 KB 25ms
24ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:13 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755933.dop101.lo4.t,1580755933.cds250.lo4.hn,1580755933.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902491
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 357E 29 KB
8 KB 22ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250516
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 357E 160 B
1016 B 80ms
79ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

06a43c554095109f1b3591cf66e0e08d28cff5d0b366a2afc33b56ef583f3103

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
AN-X-Request-Uuid: a50bb80a-93ea-473f-880c-aa7981838304
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 357E 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 65f9e2d97c111487b0deee1103423d9fa88f7d722bc9a1256473170f8d41fb43

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:13 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 357E 160 B
1016 B 79ms
79ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0419639e920020e0daa0339713840cbdbba1c96879c0b15955d27b1be2ddeb95

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:15 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: 20807136-9bcf-4c9a-9710-4acf6412685b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 357E 44 B
605 B 80ms
79ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2210980a2d%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=10980a2d-95dd-4877-8e7e-6bf0a30c65fa&pv=10980a2d-95dd-4877-8e7e-6bf0a30c65fa&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ced2dbd2ce02da089c8c2963b3af5775203ba5e3d370804bf491c251ab7eae2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:13 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 357E 20 B
320 B 107ms
107ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=10980a2d-95dd-4877-8e7e-6bf0a30c65fa-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:13 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 357E 0
217 B 68ms
67ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=10980a2d&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 33ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7ef41990af92715f92adfeb41d4effe8ff32a826acd136337f0ee76f672bb906

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:14 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 103ms
103ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:369,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:306,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:267,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:251,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:425,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=dec2aeaf27be03b48c181580755934082&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:14 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 47F8 0
162 B 97ms
97ms Image
text/plain 3.213.93.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:387,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:457,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:517,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=e1f7844a70c56917e5d01580755934082&c_pl=W6UwCaIyrnWnOF1A9Q-b1OiAbnZ0aRL0idvwkcl4LdWtCMOeOL0Xn63QkMwyfM4nUn1f8Nm_AI0lZB5MhoUJ2JYA_bVeN5ELeCl0R6YAgMP4vFvEJuvC7Oh8IWVUuuPd-QxDProVkuHdhYEFT0hDGVMu8thITKaHscvRsKi3K-apkE3OENP5ecVL2I5OZWUsrLQpMXu7ZSpDk6Z0h7m3tuF30qZJtr1OZtUP3gpXfmJbXm3vop8scwayc6EiTZzTmY6_HviXe0bBShP3-o_hvw&c_v=1882_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-sho&xplt=true&spp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.93.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-93-144.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Feb 2020 18:52:14 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame A883 421 KB
94 KB 24ms
23ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:14 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755934.dop101.lo4.t,1580755934.cds250.lo4.hn,1580755934.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902490
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame A883 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250517
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A883 160 B
1016 B 37ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ed140c980a14b1a985231f3df94762f028cc37405bd295df3070f009968f96ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:16 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid: a5aaad3c-e685-4a7e-97d0-f3888837aedc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A883 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 62ff9ca5047b718250c62f712da249cb040bfc3f41fd84ebbf05f21a6d643f03

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:14 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A883 160 B
1017 B 39ms
39ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

56ffa1f61e823e43d9020d413f25cb297c70fc15411d6be99cc743caa2438706

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:16 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.184:80
AN-X-Request-Uuid: 1708393c-a7db-4a40-9e04-c85f96d5c16f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A883 44 B
605 B 72ms
71ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%223530b325%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=3530b325-ff11-40d5-ba72-07cde78ba6f4&pv=3530b325-ff11-40d5-ba72-07cde78ba6f4&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

6d09bc29b8552ad70c6a62957a207286a5ffe011d4afc400defffb622faf1887

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame A883 20 B
320 B 104ms
104ms XHR
application/json 34.252.47.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=3530b325-ff11-40d5-ba72-07cde78ba6f4-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.47.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-47-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Feb 2020 18:52:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame A883 0
217 B 32ms
32ms XHR
text/plain 52.211.26.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=3530b325&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.26.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-26-131.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Mon, 03 Feb 2020 18:52:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 47F8 2 KB
1 KB 34ms
33ms XHR
application/xml 34.247.198.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.198.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-198-69.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c67b7152865e65a147134a3b99ded98f054710e782d5160bb25ac81a9f22c6dc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com

Response headers

Date: Mon, 03 Feb 2020 18:52:14 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 66E8 421 KB
94 KB 23ms
22ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Mon, 03 Feb 2020 18:52:14 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: EDC20434BBAC21AF
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1580755934.dop101.lo4.t,1580755934.cds250.lo4.hn,1580755934.cds090.lo4.c
content-type: application/javascript
status: 200
cache-control: max-age=902490
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: x6zzDAUcJ92rwbw0X4ZmoQy6yRPSupnTHTJ+bt4PXR9PtoFlp+ApXUso01P+l6pr3DaA8tEMBlI=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 66E8 29 KB
8 KB 21ms
21ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 31 Jan 2020 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250517
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: ZBF1eDRjUDN7ji20/Pa/XkPuLm6wlxseKJKQf/oduZnL9r7zp1U3A3lFMi9920v2HTuLFTgv5E8=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 82B82267E60A3B35
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 66E8 159 B
1016 B 35ms
35ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

59ae8a09c325bae1ff3060b5a812125296bb994a64a0a14dfbb9863fab07f605

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:16 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.121:80
AN-X-Request-Uuid: 1a811b47-8773-463e-b3db-9e99b8d5f871
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 66E8 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 44832e8656d71ea97bb6ba5ab51417e8105b96f7c6711dea275423d2431f455b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Feb 2020 18:52:14 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 66E8 160 B
1016 B 37ms
37ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

145278ea7471abf6898c562b20acc2a363a1c8c7656e5d794492586530016334

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:16 GMT
X-Proxy-Origin: 185.16.206.89; 185.16.206.89; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: 919637dc-b1d7-4ac2-aced-317ced08c0fa
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 66E8 44 B
605 B 93ms
92ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e02b8bc6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e02b8bc6-39ed-44b4-a3de-eb005c80c771&pv=e02b8bc6-39ed-44b4-a3de-eb005c80c771&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

7a7a6b356f3a2609eb3878310864dd60818f6450c855c1487b89a64ee9231277

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Feb 2020 18:52:14 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET bc2
bc-rtb-dub.springserve.com/ Frame 66E8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1429c9e7b4f57545;misc=1580755918923;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=144ef65dce0ad179;misc=1580755918923;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=147dda570b13c986;misc=1580755918923;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=148980a5a9743262;misc=1580755918923;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=149ea1b295f68431;misc=1580755918923;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146918/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=152913fe39fe2a4d;misc=1580755918923;

Domain: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmicrosoft-detects-new-ta505-malware-attacks-after-short-break%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=ecf7750c-4570-431a-88a0-bb6f2d057f54%2C279bae4a-2022-497e-b3af-75cbdbeae35e%2Cd38ea8f8-217a-4cb5-99ae-fc7adcf15188%2Cda160e62-3590-4b11-bb54-e0926d2555dd%2C51852c79-2b48-4b24-8354-901d85b20acc%2Cb51a4ec4-7c02-4491-9a1a-06031890eb0e&nocache=1580755918927&pubcid=2ce327aa-473a-4d61-8de8-f7d4a9a8b998&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250%2C540959250&

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14303ad63f99a8cf;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1458b35aecffacf1;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1460e0ed0d4bd21e;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146913/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=151c9587d69ab123;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146915/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14058cbedbfee68b;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146917/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=1509796e3cb0f526;misc=1580755918923

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5146916/0/0/ADTECH;cfp=1;rndc=1580755919;v=2;cmd=bid;cors=yes;alias=14163fe21592e06d;misc=1580755918923

Domain: bc-rtb-dub.springserve.com
URL: https://bc-rtb-dub.springserve.com/bc2?r=e02b8bc6-39ed-44b4-a3de-eb005c80c771-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 07:05:56	Name: test_cookie Value: CheckForPermission
.bleepingcomputer.com/	1970-01-19 07:49:07	Name: __beaconTrackerID Value: mkj6b06mj
www.bleepingcomputer.com/	1970-01-19 07:49:07	Name: _fsloc Value: ?i=GB&c=London
www.bleepingcomputer.com/	1970-01-26 14:17:55	Name: _fsuid Value: 6d58324b-4e19-4ccb-bdb4-875e000b466d
www.bleepingcomputer.com/	1970-01-19 15:51:31	Name: _pubcid Value: 2ce327aa-473a-4d61-8de8-f7d4a9a8b998

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v28/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020012701.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
console-api	info	URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001251659540 https://www.bleepingcomputer.com/news/security/microsoft-detects-new-ta505-malware-attacks-after-short-break/
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1882/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn-ssl.vidible.tv
cdn.ampproject.org
cdn.connatix.com
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
confiant-integrations.global.ssl.fastly.net
core.connatix.com
cse.google.com
d.pub.network
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
i.connatix.com
ib.adnxs.com
pagead2.googlesyndication.com
prebid.pub.network
protect-us.mimecast.com
quantcast.mgr.consensu.org
rtb.connatix.com
s7.addthis.com
s9.addthis.com
securepubads.g.doubleclick.net
static.quantcast.mgr.consensu.org
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
u.openx.net
v1.addthisedge.com
vendorlist.consensu.org
vid-io.springserve.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
adserver-us.adtech.advertising.com
bc-rtb-dub.springserve.com
freestar-d.openx.net
104.16.190.66
104.20.59.209
104.26.12.6
13.35.253.57
13.35.253.87
143.204.213.153
143.204.214.119
143.204.214.2
151.101.113.140
151.101.113.194
151.101.114.217
151.101.14.217
152.199.21.89
172.217.22.70
178.162.133.150
185.64.189.112
205.139.111.113
212.71.236.117
216.58.207.34
23.210.248.44
23.210.249.164
23.210.249.92
23.37.55.184
2600:9000:2057:5800:9:46dc:4700:93a1
2600:9000:214f:a00:9:46dc:4700:93a1
2600:9000:214f:a800:1:af78:4c0:93a1
2606:4700:20::681a:18b
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::200a
2a00:1450:4001:81a::2004
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:824::2008
2a00:1450:4001:825::2002
2a02:fa8:8806:16::1460
2a03:2880:f02d:e:face:b00c:0:2
3.213.93.144
34.247.198.69
34.252.47.177
34.95.120.147
35.157.209.134
35.157.40.44
35.188.71.214
35.226.134.247
35.226.36.58
37.252.172.250
52.1.207.152
52.211.26.131
52.29.78.64
52.45.66.51
54.88.18.195
69.16.175.10
69.173.144.141
95.100.196.237
95.100.197.246
009ab43082dce45bc997a40b7d905473fe56bc7b7f2bad93e55a504b383c0203
01ab81e1f90cf76c54d5f1e2f7ad0c9fd5216728cbe10739636b9e5d010ac4c2
01c00d59c63921b2fe1e39ba741be020fd873448b7cd65507dd4caa7a557dfa9
0200d7a290ce2258d613d6c028ff3da2e9c6e5d0256bb751ee44d2279dac87ca
02fab07d57d6ec2279b0a21239e593fe65915ce90c377687cea6cd750fea588d
03f9b0c07587fddf153526f4a2bcfd0e1ef1e1508769558b28ed883943d79985
0419639e920020e0daa0339713840cbdbba1c96879c0b15955d27b1be2ddeb95
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060cdd9e9505aabff86edab8e74ad408f4f643f81e9287e4bb6126dcf83eb876
06a43c554095109f1b3591cf66e0e08d28cff5d0b366a2afc33b56ef583f3103
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ccce22395fc2935ee0b86b884d90cc601fb85b800f2e8a210e16e32cff9551
077975983a28218e6dbe7fb817bf69cbc0aecaa07b41df57f34f837b67c698a3
08af43bcf27795d56a53dfd361538049c488e783ab61e2c109c692829b3300e1
08cb302a491f30074105f1e227bfa91e66f471877fa52bb20ba76df1efb98523
0a11ba4dbce84f50667571a501e3f02ad0bdd908a1812f182ee65cc50af66348
0b4e5dca6d42c7ccf8fc26e17845e42da2e182f2d812f010680ab91679799e6a
0b80abddb430ca9804d794bff7ab297089d2744b5ad364d2e6b0fcfd5bb8ccf5
0c5889d72d723466b235c959a5cbe3ca215ce5ac630ddcc69194f7e6a812f164
0ca632cab81646faa240b95e576fc65d24870febc2f9466b97a650a3d1469920
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f15caa0200c68058bdb77e22e03f811244191d8dd64b27de045036e394df10f
0f26954e59757f573c709bcabe82328c10ea5f250fe6a48082eaea2e116bbb8f
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
101a273ce6b9c03b0cbe62431209b17fe2432f3c4bf85bf66b7fc9b2b358d4ce
113769b67c35dd097357b1847eca10cf60a05bb0c6323e9915ce0f4199bcf3af
122acc03268b561f442a26b979bd28c6258a4eab3a22f15e6104fa09f93f30ad
145278ea7471abf6898c562b20acc2a363a1c8c7656e5d794492586530016334
146d99745580440061491a9bd14ab83d5d83fc26a1d7d6ec6ee2fde50f146368
161dfdf807ac9a78d58914e749ca5ce81c0753326f7df90970cef2c2b27f79ba
16d93f8991abc2b531c7c1f5e54bf6f8b941ee9595ebcf61370ee0b9d1047fb1
17e957e1ef9550810f5a5671ec360818b3f0f301741d10d6c454af89306e97f0
18c00f32545db04b734e2d2fdd67159d0cb75db3c796bea0959e15da68b86fb1
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
199da3c79fa489812c5a5181008b8518500e01c612d9833ce70086e7bb8cb717
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1b81e6df83ca73575d26841a844aca1a5dee46406302a1fdfb4d974a2645c292
1baa095d22bb56595d01129827366f2e5024528610788a5ebc46610a082c7e49
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1efd7c56b531aabe0d2787b3e6434c4e83a138669a018df4fd544cd326486c34
1fb26c428dd36034dd4a9af8e842326a95ab938a60b10d62450d56dae38c0488
1fc93ea0dd05beefd35a6a067c43f101a0734f4533d1e753680dcd886d7f5774
21033f49bea1bc18c71d1b314387b3ae04b0d2ecb2613c93342cc2a9b662d255
21ea4c803a880cb155e7a41f4806c66ae13e47697604741ea9ae4629256965b5
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
23987b015b6f5ae4c2985fc517de6c811226614ef65fb5fbdf52f35cdc1f5c81
2439e13f23fd3513bb4ef8d4b8886d7169c35d8f77764857c6ffa4476f36b6f5
26274967a7d17242cbc651021ff1318b540fc69a424ec01f25ba1d534a6b79b5
263c4637ed52864fcbdebc4719fcd8023796c005daeffd972fb10de0060031be
264f5c8e48543e8bf7c9a7e7033fb61a8cca74fc99094decaa31f6caad75bee0
2a6bfabe65ca353e4359be32e10d40b8b514590b536dd93499bc1067e4bf6329
2b9639929d5fe08539490bbe05b2e2d348c6924b1329d48b26dddfbb8a678fde
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
320b1a38eea4864d8c45ef5c7131117abeaa6b38068396aef46d73ad06c5f641
321e40ea279bae6d59fa2e41454f16e66e06d64a0297d3dce847e07fc90b6e0b
3273b2097367a935a67aae72700bf31790831e30e37ff27150460fbd54975e73
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
334333b4898686ffe1b613764c506f10d1d6c0e96f25972ef4e1471d4f73cf66
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
3478cc707352a2827330f9a2d87ec2b5257679f647db9763345370221ed0e9c5
3535267bd0d3f037e1333df3230240a6d80ce5e6b02982ade06d64053e6f4ec9
35a41ffc650013a5d32ac841b8be273b7a85a38681119143f3009b0104768b53
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3658dc6aa6744d7a5eb57cfcee99a2a26e1887303c27676068f756f8cb87b767
369dcf64c729554dd7bdb119d702a3af57b1fd904cb9388a0f564b8ee1f46f8b
371c70312b7c4429a00f4bd98b4bdc74427c1ba16433010aeccb422c09d3964b
37cd8a7ca7f3c71f17f8744852f97c5a6bc9defdd52c22178ab4c704dcb72378
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
394b94090b7fcd768b272ee93aa5c6f64c6da5fb1880dada2a0e43d2e445b56d
3993b8c159e31d863bd06e1de86077566c28cb69f557d511be799ea6478ccea5
3aceb31392aac2dd1b2ede83d5d4c76b86a90c5f0042cd891ebd3895a5b9a99d
3ad93ac2156560b8da0dd71e9817a8f4bc29f1c9eb50598f8aa9dd9f7d0b238e
3ae5561ec67cce55f10098548f2030669ea41b9465c28a4e305be994e3fc1133
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3b961c51d0944664cd421ea49cc423939eefcdc5a296de8480e3b897f6a5be2a
3bf9e60726c4f84f4e72d2115897d1095939c69879bfc1580a5907f112d47714
3c877240e9f70e73d364949fcf2858c0a63c4c5ebb219d46b2ce58667d271fdb
3c9395fe1509346d67a347fa2aece90dfc1759e69884dac85e15e34fa04bbb48
3ea8fb76a5d21b8addc8b32b5521a9dde1949c365171c75dffa467c0ecaefe87
3fd0dca929cacb337e5777215f4e60bcbce3effe6bb25ede7e4854f36ef46df6
40c366f285e6feedf078b699c41730a4f0de3e711e0cc1813daad214f931616c
416a2567e590d525f5d97d210c54685405ff750ada45a7ec1f4a737b99eba42d
416da4a147b4eaa2b133a1a1eb63b5a8e7fa928e067122f26d5a7bc2fcf73984
4233244a4ea795124a84f63edba7922155ecf752891c556c81f343e151a581b5
42473182b7be1e9059b11448b00e33e0197994dd8e542fb7b58706408e02f2b9
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
44832e8656d71ea97bb6ba5ab51417e8105b96f7c6711dea275423d2431f455b
455759bee5ad6b16b5881ca0740c552caa5deecf8b641405f6d69f13b3d15545
4630e04faef7e76236283e2e47cd2529bcdfbe32126d49b9ee0070ee3faef5e6
4687d3d846353cbcf2bf7a13050aa800c888cb79fabb19b61ebd919954af7d61
4975d58a5aed094680122b519c44c892c91ae9d9b0e33cd2b7b777fff6f9b806
4bf4e7618633314ef56d9a33bf21ca7d169462da4fd00e96c1fae3430b5dd9ba
4cc59f7b78da1a8b38b5342e6a1b1d017a2d2467d9913846d7ced138ead60874
4d0901164e54448c22125651889d7b5d372f9d503bfda07be57f320a2ca034c7
4d4133ba0c50afb5f3fcf785348ff133580a06c051cf49f64fd7c09268af4fcb
4e6ce4d1ced611bf95a26b56bb27aeee51ed7dd0838f748a36c61c5ca457fa08
4e901e554de6f650382e60398457635d5c54bdac727d3276a74adf69db3e1738
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
50bd812525c0b8bd3d27581e8a46a0f1d0281bcdfdaae770eb8e3e3677e7e5cd
517cb906fbcc0e68c946dd2cd570a2ff937490847bf12abe240480e5c77aafe0
518b2f8d23685cc5bf3e8771181dafc9f2ffdee54de7e495523d68f7960d6185
518c3e3856edb5330757186eecc7a57d7e5f90329837648076eb22d364106150
53c125002f46d7dae6f0b8fd0f4f07c436a693469f3f295087de043dc146031e
53dfd289dca2b5ae738729140561756d2fe67ea5b149820e3e0758adafc625c1
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5530acea889113dde550780da87615872823f45d71bde1d0138fdc5e2da4b52e
558b994b4af9055eb6d223ed1d01853829ab2169b609712aa6ef704b7a91385b
56ffa1f61e823e43d9020d413f25cb297c70fc15411d6be99cc743caa2438706
5754e8bcd0d36bf11a88296fe8116a5f26d6ca288c3a39756ae75c9dbf446aa0
57cbd4e42c31b91a389b1a40d7ee3da0eb267af8ba8cfb5e8f34f12925743963
59ae8a09c325bae1ff3060b5a812125296bb994a64a0a14dfbb9863fab07f605
59b3d33f2fd94ea19425841c32e2fbfdfb82f3a8d7afabff60fc62737e918ac0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
6020fa6914057cbd6a250ff8b2442c3ec62c2fdee26e2a58299b37e3597dafbf
607925ab8d33c36088098c4a47782c520d1fbb59245c946a13b21a41e42403f8
609459a6a1f7293661ad7d407b5522fb2211ef2accf747503c29bcf4f9d2e7ef
61c53dd1cb4eca011e50099a396f2c295467567da20a0c2ba1bd785d8132a9e8
623ba67fdee04abb38857d8cb22124da662ae2d95d1ce5033a4df0ddcd444031
627033427a71f698af725458d6b686d55c4422762a606e18ddbf3ca4bfeaf0c3
62ff9ca5047b718250c62f712da249cb040bfc3f41fd84ebbf05f21a6d643f03
649a4c0f1067d82624e19f3f1af536c3518a03f590f02101465711ee8d2d8c70
651c84479fe22f8e4fb73a23cf731dfa6944eb8b36b72e9d0525bd69e026da6a
65e6427f490a96c4a8b363d5f70ce70cc29164e2753d3843d38be63ac5235c0a
65f9e2d97c111487b0deee1103423d9fa88f7d722bc9a1256473170f8d41fb43
65febf3c59ff4fea5dd7c8a921987fa87d75a2b229f54f556e1d13a922511728
6614eac161305e6201210710c158426c3b2ea6a4ef2c7da7fde5d236d10d0639
67780bbf59e0d2c0aeb5bd001c65026fcfdb4f9c603ab4179f55bead75d36219
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6800d50a3ca73f4a63fb758f8cc41e920de0ed920ec64d39acb78f58edc52cb6
6879618d482d845b7cd8de78737aa92b2b0910508957fa74e2f3e0fedb724896
6be98913504e67a45275ad901ee77ce807e3feb3946ba25ecec7576702267cd9
6c559ba8443a111bb464cc9e5bcb694d1cdbe39479ab138acb3e8b1b62ddb0a2
6d09bc29b8552ad70c6a62957a207286a5ffe011d4afc400defffb622faf1887
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6dc1da3d8bd6f59b9f852c2d747ee4179f2b659695fe5561573341d6bf240629
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6fbd27a436cb3a0bedbd617f51c0e37f466bcb29a61bdab7244b0d42441eae41
701727b3547d5a97352e87afbe2f638a098f96c88462ee6ac8ec8a9b106563e9
74025a1fcfa46df65e852f34732278be580a3162743e6923d7c1f9c5e73343a9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
764c862d312159b49f8e6fd8b1944c16499713abe7236eb8b6b40f20cf1033fa
766d238937bd9916fa02474800676d8af1df81ec44f312f57d774971d538e5a8
77302794724e64645f5a4a28096d757acfc92339a8faadca76af5b5d607fe3c7
78a6688025d4973dc4c15b26ae0c82bc2d4803b13966e355556fa2cefd73923a
7a7a6b356f3a2609eb3878310864dd60818f6450c855c1487b89a64ee9231277
7b7913bb1cd795008d5d324c61cb3cd49e473919c52ffa8c575cf445559c70e0
7c08b9ee757a1b402b9253021a240ec6b4ec960b048e1c905c31beef75788891
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e38f36581797057d1a944a6ea4149da11d4844bfd7926f6cd31ec08237ba5bc
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7ef41990af92715f92adfeb41d4effe8ff32a826acd136337f0ee76f672bb906
7ef52af34aeee37e2e6433fdec511d86fe9f9ab816d0c6fc3b2fc5e419c438c2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80c3b3e1fefd8a07231a7c231828c0c52b8a3b86dca55960382a6d3cb4a44fc3
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83629ee4253b5e8e53b5633fe03e7a421bb9ec5a6e38fc0f18fe9c4c197a1ab8
8395babebf84b3112402c2c9d0956ef4c10cfaeb53909fbbb0dc53fdf3956ec2
84d3411b4fceaf9a92e5aceac6294b8ec69de0eda996d2205972479e05f4c677
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
8618c7bd9bf188e239297cac4690006f84ed10bc13ea2f812d938cf2ec033f7a
869c9f9cbfb6924e8a9f5f8fb41a7f6d2b06a4bb49751c238a300a1cdb536017
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
88b86b9925075451f35d076bcdf5981e2710f880475bcfa85a04bb671cfcb696
88ebb66de3331eb24cb56e0fdbad225bce36716a8e85cab72f2cdd8405ca27d9
89860af8ae644ee015055c924ad0a305072b2d8cbd96648368bd13d5d808fb19
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89d534f9486fafac94e81933b4c52516cdf309377796e5d782a5f721627df669
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8b2a0f1f28e439d402ee9cfc13203db8667a0c5dcfe53176268c0962f9ad82fe
8ba582c213b4d9ff71e0731194b3f218feb8895ee840caa1e0e3acb4cc0ba37b
8be87871153eee7eee18dafe9673bfc86b1a881965f010b1f3bf55f30647f697
8c7bc02fb09d1c08c5638c34bfcf436d7ea41e4b4c8dc05898a6dad92138cb5c
8d01caf4744f00ba7d61ce8f4e7d6c8b7b268d13dbe36d5ac8cac0655494f9da
8d37890fcb6150bef67a2e23abae8935f5b4937453f2d4ae5a677693fed38622
8e0211d5dea8bb654f84e725029eb04d5da912943af3fc207f7fd3b89fff44cf
8f79c24c07b162b20bc1b38a5ab49c1d32828f1ad86a97aa9b08b15f05381e23
9084a5abab1d10095fabcd0768cd393b43a554ced6549992d5997c56bf65e4af
91eeb93a271ada6aa5fa29560a26c83252e82740fe5fe251500352e541780291
91f6b63dd0e322460991a767fbef9db1b62c829b7e80eb1debf4a88cc7029efb
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
928678ab9bfbb458d9a76ff42e8e4c838596d59bf6dd01b147c08df25d8c40b7
92f68a8a0dc71834a9a64f183b40161f5aac79db51614ccd49a2406a222bc68b
940ffcfb52c8e1c865ae2eb2dbb4040e7b693539c79c6fda3a2dd5b8eec8671f
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
96cf20d1899788e9e805473a337cd23da1a997efdd5796e89b4400835ed374d5
96d6ce9b82ef9fc7a0dec8559ac18ce8ab9c2f45cc5263346f5b5b08c81bd247
976c05e6ba8b5535d4fde597b7645f1d3054d3621fddacfa5bd313242341ae46
97e5e414dc009ec1ce8867f4779b492d13da7201a1f1c1993c73e90f5b1093cf
988c06bbac4e090f84bd31495d6053e5af6a424d1949d15cedae16400a23ff5f
9a7575444f13af5803964be6134b7c6959919a987359de6400ba8f133422ffe7
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a
9cb178771082749c68446aeff47e90df654d81670c9a6adb09454fae85567364
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d736c38177155502957abff98a8fe085ad818b88acd6fa0a17e9e9b0b81460f
9d9f4ce8e7af5088fb1f0c20f81143ec037d471f018cb3560548ba643aa85499
9ffd0b4547346d8b1c54c254bfdb1106ef1e1300be1d2b35b4742f1a43158b68
a03cc419fc0c4e4dd94a63522e8825b9a0b7fa9d2afb05c6c4db1fe7876abbef
a0832629b6a7b8575094f627b424367a8a6d543ec8e54062877ea4eca4d6cc07
a08f246149b868dff5ae2486e73bcffb08ee85ed5bc56db25a96a0ad28617af1
a1af15b17fd7099b2d3a81a8b3aeffd94b26d2c1a58489c3903e11ec5a4896d3
a2e673d93c9b970ff3ecfd46d7276c73a7287052304b27970569baee96415d16
a31cf92b9a59b8fecdc5773e3c165c542f4516fdfeb7e8f80b1d40cc639bb337
a35b8d2b1852ef52a1c247b05a67de8c6238b9bcfea7d1e88926c921531a3a01
a41b8bc62270c1757fde63539be953ee96c04dbd428c3e4403767a6d2966193c
a56669f7e6d45c53dab105241533c70d07700c6e2e2fb5dc1ac0dd1119038154
a6082f8b936b54ddda9501b76f01328fc819d601501399e4b773462fe6755b7e
a7e9a1102912cc3aee77ea683abdb91c8a910dce31dddc19ff6f41f5e53387ed
a7f02fd5b7a6baae27068d88b70d5ac6d7e3e43a926ceed4caa78eb27f2bf1a1
aacb699b1ff6ee33c47c873a9d9babea6ff426f6c8145f3b1f402bdf51c68f11
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
ad2357ee89849387d282e90f69cc4e95533b37a6b7cdf3b76d1765a4b5cb7297
ae059e4888c177d0e9fb349e04cd04ea35213f89a900017dce7b803f3a8ee133
ae34f9ad856970d9e03522c69aadd3742b9495827dfd739869708c7136ad8d9d
ae5bb9457cd46a1c06e6a3d23839eb97a533b8edbf3f913a12c9cb5c0073792d
afbbe3f3ce8f16e852a4db7ad4fcd7292c2e3b4010c0b3b1a35b30821cee24f5
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b120b96c3b7dc8f3c5535263f471b596012ffc565e1e9db36ff87dd81f20c9b4
b2bce66de264a32e352d0d3dacda1ad9a0a7fba714dca13cf408d8ccf7406b4e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b3954082785b943aabdbdb60222c1e235a0c474792656596547f3c66f4d18e57
b46f9c8e9542caa684ec5f787ef01f0cc4c72f74982086f232806dc441df8dec
b5793cdeaa96960277998a57b22428aa38bab7897877626efe8491ffafef954e
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b86846d83a968c0b2af653f318a2c271fdea5a834972fa6cf4f7a61de25d3c46
b86e54c0ce2872278732808a265679f9590a4501fd38d108a86baf47363659eb
ba445e0c7cc23519a04832326ff212421d62129a512c9cbc4793f6126743ed25
baf1d3f064f9d880a2c4d1f98b1cc798557233d6d181828180d600ff1f6b2822
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb330af7727353ce81576a3b251445f2aacca1fa9d3fc2a581993addac0a2259
bb6de9d08c978260fa6ab8d15c1388a38311b7d8a4feb48ade89bab73d27b249
bc6cdb31f8e6673490af0c302a44d803ef9de7450c293d488fc7afa00f87fea0
bd21a86e65073eaf7dd05e4c2b9d4de60ce437ba37be3e6eae069708ddcfbc9f
beba778d933f03e32209f04118a470d1a495dc6f2230ea16234bdde4d69fcac1
bf20ecb036b80d6a81fa50404450290977c41d5d5469efb0b1d5ce4b8bc10fab
bf3c932a5b0764f8eaa17f0a7d68becaf57101d2af5066a3eeba61d5350234f6
bf8f9e61a5f9385174a80bfc41510b2744742d2b6b4cbf22e421ef89656dca86
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c0abda667946d8920234d82d73a1463d092ad7f373c2c6a0c052a34b53805ea6
c1edb15d88c54bc6633d02b208cb8aafbd98ac2db477e4c3efda964658440e8c
c2b3b8e710bb657c06e9d5c969939dae7a40371f5d3210c6390e5161bfea44b6
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c3488b9ee77c39ded916162bd3095b1ec0b8c17ee1b183f98aceb06f31094b03
c49b60c1e4b12c26a8ca26a4f921c751101effb434e42fdb5e585cf591b88e01
c6265788182730e69c40e24d29a7ef28046a82c2f25620bae0999ba621effad1
c67b7152865e65a147134a3b99ded98f054710e782d5160bb25ac81a9f22c6dc
c7b0f8b6aaaf95652ad550739ac8e7e97d59c8633412290547fb807487a81b73
c7d1db3ee30eeab0dc82753ea00f9193186f7944f72831f4a94b935f14c59777
c841942e68758e8657b77836d05dd53abca7af201209ae98df4ae3446ad06257
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
cb1007124f3d39e54bf351f37bb6f6239ade907a384964fe51bf14e12dfebb10
cda09677337093b10da14ba0ecbed2ea647ecec1f327ff794a046e3a71083fd4
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cea29ae7caf26d487a42645daccff679d16fa7946df0cd7f6bb428c9d0a5e200
ced2dbd2ce02da089c8c2963b3af5775203ba5e3d370804bf491c251ab7eae2d
cf1091e08a0a0c7b7e407014d53bda0223573859d06351c958a1174479a77752
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7816fd5067d7a596b0dd17cd7b101259812ebfa889ac62e8024ccb859a4a75
cf7feca75143377d0c374302bf7684dce261ecf42fc833ef110ad5586dfe02fe
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d18ff73f3f4b4b51847b286484687e348714446f4e1026d894e49f84e8184165
d1c7f856b2634d01853b4e1496651fb5a7cd9c95ad90f6dfc8959e415268c240
d24cb9eeff44ebf1a7427f4966f54a70f6c246feb9869458ed8e94995df0ef4f
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d
d49bd672e410bef14ff774baf2e17623881826100a9564235a34a5f3e76c62ea
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d996ddfcc4de7608d154e07f796014062ab6940feea583731f42c1b54b3ca823
da4733da023951de3691cf82030db2cfc45dacb09f735567ad4b7fc0bf5f4e89
dad4b2f69ecf1d53c96a4f27fae1ee718668756604eb6e92e3c4d1eca4dfac46
dc0d3b44a4cbe769eca3a48f9470f911bf3f4e65f1650b2eecea7ed2942eada6
ddc558682b1397b410087c34b4174a3d5891a0aed6243d9c94768c7d60e281e2
de2fb045962f9a8296004fb25a5380ac9c846b5e5b73c99f948a83d20bb387e4
df9780134a7c0e3a1c50f835c1fe0ae93445f83441208017dfe8ef15d1334d32
dfe59cdcc0dc18e5dbae92ed9508bb5b57d6944dbdb25e3e0c256491cc450c49
e03b4d7846cf09a1ab119cf548bc71e70a4cf40d2c4c6e36bd6a13c6ae53e761
e0cea41fdaff2d58e31fee4e0f582d04f9e5f6825deac72c79d2f9d5c4e7024f
e134df315beda0f922f11c3c946d3d72725dba3174969d025bcea3cd4b7833d3
e19724cd1be4acbfe57bfdbb4039b62e22457f9bd5eba70f658bf8656996ab2d
e21bfe3921375ce770d2ca99b23c28920932b7c3d26dfb3d70bcc6f4d25a474a
e2e25d3b5d2ed72689112be4f7a566a7d2dbffc28c509d4bfdb81605afbff6cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548c1ce78f73067beca7f7e2bb284f7a79a0e537c7ebb48266560290fcfbe66
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e690f18638c83525e33be4e49f8deeff36facbb6625f1cc60db0fc4aad7c2f25
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e862f9054c5c3227ef21f89903cabef9ab111a1bc9ad139211865097eaaeea3b
ebf7bffae72f2c78f29a1f7132d251d2021ff8da2f48a1f187a17775c9af43a1
ec9b07d5c356ecb069035639c098bb093a59449ca3a712a6cb337836e7d714c5
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ed140c980a14b1a985231f3df94762f028cc37405bd295df3070f009968f96ae
ed36b6334bd1a7b6cceb88de426bea72a59ea90ac868cc02fd6fbce9afdcaf5c
ed6a9b0e192b74d80769eef3f76e9b81bab1e624c24ce7a864493466acd085ec
ee5e2388a94b357923c1b9eb6da63a66d1104521207693492b769f42c5fe1608
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
ee9b2fe75e3a5637b840957e2f9aefedb394224a1846a731ad7ead76abf91d58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3d32ea9a9fa05f8170d164890b55e15ce39157bb9ae7e96b047c1996d22a8b
f01fec33ad513f73c7b204d93dc047b4d9a0aadc73ffc379af2a021f93a44993
f1e9680607f0a33fa700e4c84bff82005c06b77fb8e6739744023126ad8348fb
f31197f3d33768943e115e18beb58eb689d99db7b9a6509c38d826e2049d9223
f35d60e64ca30d036936395a507bc0b54d5da86e04dce3ffc04c0759569b0e31
f3671fb18cf8e5d01b75143295430617e1e223d940fcfca5a5c53780b1e011cc
f3c44f7e5e11084c0eca72906cc890b4202ac991c79bcbc3f31402d8b48cfcf1
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
fa0d5dafe7943170020463f14a29668b511dcd7f8e0fbeff7a88f8a8712f43f1
faaebdb790be8e217260b9d5a97292ab3d978a858eb9293c3de66925395d220c
fe1fa7ba1f8dfd3e8def1ed380790538a0bc5009c83116555e00e121103a947c
fe618af6796c4ac1aeb2dc0cfa21dc68aab0cfb9143521158b4cc4c43a1dab4d
ff71b2aecc5b02b6c38f7e1340770f51d853df99281640581c4552b215c1985b

www.bleepingcomputer.com Open in urlscan Pro 104.20.59.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

568 Requests

97 %HTTPS

31 %IPv6

40 Domains

69 Subdomains

61 IPs

7 Countries

5753 kBTransfer

20254 kBSize

5 Cookies

21 Outgoing links

Page URL History

Redirected requests

568 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Screenshot
Live screenshot

Full Image

568
Requests

97 %
HTTPS

31 %
IPv6

40
Domains

69
Subdomains

61
IPs

7
Countries

5753 kB
Transfer

20254 kB
Size

5
Cookies

568 HTTP transactions
8 data transactions