www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Submission: On July 30 via api (July 30th 2019, 7:34:38 am UTC) from US

Summary HTTP 312 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 45 domains to perform 312 HTTP transactions. The main IP is 104.20.60.209, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.20.60.209 104.20.60.209	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
32	104.24.0.61 104.24.0.61	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
5 8	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:20:... 2606:4700:20::6819:bf72	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2.18.232.15 2.18.232.15	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
8	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:20b... 2600:9000:20bb:4c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
11	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:20b... 2600:9000:20bb:3e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.207.76.63 18.207.76.63	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.32.158.114 13.32.158.114	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.158.123 13.32.158.123	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	13.32.158.159 13.32.158.159	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	13.32.221.209 13.32.221.209	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY - Fastly)
3	52.200.29.29 52.200.29.29	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	2a04:4e42:3::645 2a04:4e42:3::645	54113 (FASTLY) (FASTLY - Fastly)
2	13.32.158.181 13.32.158.181	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.22.162.56 23.22.162.56	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.32.158.208 13.32.158.208	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.195.70.133 34.195.70.133	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY - Fastly)
4	2606:4700:10:... 2606:4700:10::6814:8428	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
2	23.210.250.97 23.210.250.97	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
32	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
23	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
7	13.32.145.147 13.32.145.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	172.217.22.70 172.217.22.70	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	34.245.32.91 34.245.32.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE - Google LLC)
2 13	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.154.11.177 54.154.11.177	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY - Fastly)
1 1	13.32.158.226 13.32.158.226	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	35.157.5.82 35.157.5.82	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:1bef	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST - Steadfast)
2	34.199.195.7 34.199.195.7	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
312	54

1 104.20.60.209 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.24.0.61 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:bf72 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.15 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-15.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:4c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bb:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.76.63 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-207-76-63.compute-1.amazonaws.com

core.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.188.71.214 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.114 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-114.fra56.r.cloudfront.net

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.123 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-123.fra56.r.cloudfront.net

privacy-api-gateway.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.158.159 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-159.fra56.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.23.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.221.209 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-221-209.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.200.29.29 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-29-29.compute-1.amazonaws.com

rtb.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:3::645 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

i.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.158.181 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-181.fra56.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.162.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-22-162-56.compute-1.amazonaws.com

trk.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.208 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-208.fra56.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.70.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-195-70-133.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6814:8428 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.250.97 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-250-97.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.145.147 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-145-147.fra56.r.cloudfront.net

video.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.70 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f70.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.245.32.91 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-245-32-91.eu-west-1.compute.amazonaws.com

stats3.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.226.36.58 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

connatix-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.11.177 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-11-177.eu-west-1.compute.amazonaws.com

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.226 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-226.fra56.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.5.82 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-5-82.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1bef (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.100.17.186 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip186.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.195.7 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-195-7.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ampproject.org cdn.ampproject.org	818 KB
32	bleepstatic.com www.bleepstatic.com	318 KB
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	575 KB
20	doubleclick.net 1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net	115 KB
15	openx.net connatix-d.openx.net Failed freestar-d.openx.net Failed us-u.openx.net Failed u.openx.net	3 KB
15	connatix.com cdn.connatix.com cdns.connatix.com ck.connatix.com core.connatix.com rtb.connatix.com i.connatix.com trk.connatix.com	598 KB
11	unrulymedia.com video.unrulymedia.com stats3.unrulymedia.com targeting.unrulymedia.com	76 KB
11	pub.network a.pub.network d.pub.network c.pub.network	219 KB
10	google.com 5 redirects www.google.com cse.google.com adservice.google.com	2 KB
8	gstatic.com fonts.gstatic.com	87 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org api.quantcast.mgr.consensu.org	94 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
5	facebook.com graph.facebook.com www.facebook.com	1 KB
4	tynt.com de.tynt.com
4	adnxs.com ib.adnxs.com Failed acdn.adnxs.com
4	connectad.io i.connectad.io cdn.connectad.io	1 KB
3	facebook.net connect.facebook.net	78 KB
3	3lift.com tlx.3lift.com Failed ib.3lift.com eb2.3lift.com	790 B
3	amazon-adsystem.com c.amazon-adsystem.com	21 KB
3	googletagservices.com www.googletagservices.com	68 KB
3	addthis.com s9.addthis.com s7.addthis.com	185 KB
2	media.net hbx.media.net	7 KB
2	bfmio.com display.bfmio.com Failed sync.bfmio.com
2	districtm.io dmx.districtm.io Failed cdn.districtm.io
2	dotomi.com web.hb.ad.cpe.dotomi.com	1 KB
2	reddit.com www.reddit.com	628 B
2	ad-delivery.net ad-delivery.net	1 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	50 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	brealtime.com biddr.brealtime.com edba.brealtime.com Failed
1	rubiconproject.com fastlane.rubiconproject.com Failed eus.rubiconproject.com
1	cdnjquery.com cluster-na.cdnjquery.com	379 B
1	quantcast.com privacy-api-gateway.quantcast.com	81 KB
1	videoplayerhub.com freestar-io.videoplayerhub.com	17 KB
1	addthisedge.com v1.addthisedge.com	931 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	26 KB
1	bleepingcomputer.com www.bleepingcomputer.com	14 KB
0	ntv.io Failed s.ntv.io Failed
0	scorecardresearch.com Failed sb.scorecardresearch.com Failed
0	quantserve.com Failed secure.quantserve.com Failed
0	emxdgt.com Failed hb.emxdgt.com Failed
0	33across.com Failed ssc.33across.com Failed
0	sharethrough.com Failed btlr.sharethrough.com Failed
0	gumgum.com Failed g2.gumgum.com Failed
312	45

	Domain	Requested by
32	cdn.ampproject.org	securepubads.g.doubleclick.net
32	www.bleepstatic.com	www.bleepingcomputer.com cdn.connatix.com pagead2.googlesyndication.com
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.bleepingcomputer.com
13	connatix-d.openx.net	cdns.connatix.com www.bleepingcomputer.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
8	fonts.gstatic.com	www.bleepingcomputer.com
8	www.google.com	5 redirects www.bleepingcomputer.com
7	video.unrulymedia.com	securepubads.g.doubleclick.net video.unrulymedia.com ajax.googleapis.com confiant-integrations.global.ssl.fastly.net
7	i.connatix.com	www.bleepingcomputer.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.bleepingcomputer.com
6	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
5	d.pub.network	a.pub.network
5	fonts.googleapis.com	www.bleepingcomputer.com securepubads.g.doubleclick.net
4	de.tynt.com	a.pub.network
4	acdn.adnxs.com	a.pub.network
4	c.pub.network	a.pub.network
3	stats3.unrulymedia.com	www.bleepingcomputer.com
3	www.facebook.com	www.bleepingcomputer.com connect.facebook.net
3	connect.facebook.net	a.pub.network connect.facebook.net
3	rtb.connatix.com	cdns.connatix.com
3	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	www.googletagservices.com	pagead2.googlesyndication.com a.pub.network securepubads.g.doubleclick.net
2	sync.bfmio.com	a.pub.network
2	cdn.districtm.io	a.pub.network
2	u.openx.net	a.pub.network
2	eb2.3lift.com	1 redirects a.pub.network
2	cdn.connectad.io	a.pub.network
2	ad.doubleclick.net	1 redirects www.bleepingcomputer.com
2	hbx.media.net	a.pub.network hbx.media.net
2	web.hb.ad.cpe.dotomi.com	a.pub.network
2	i.connectad.io	a.pub.network
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	ad-delivery.net	freestar-io.videoplayerhub.com www.bleepingcomputer.com
2	confiant-integrations.global.ssl.fastly.net	a.pub.network confiant-integrations.global.ssl.fastly.net
2	s7.addthis.com	s9.addthis.com
2	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	a.pub.network	www.bleepingcomputer.com a.pub.network
1	biddr.brealtime.com	a.pub.network
1	eus.rubiconproject.com	a.pub.network
1	ib.3lift.com	1 redirects
1	targeting.unrulymedia.com	video.unrulymedia.com
1	ajax.googleapis.com	video.unrulymedia.com
1	cluster-na.cdnjquery.com	freestar-io.videoplayerhub.com
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	trk.connatix.com	www.bleepingcomputer.com
1	privacy-api-gateway.quantcast.com	quantcast.mgr.consensu.org
1	freestar-io.videoplayerhub.com	a.pub.network
1	v1.addthisedge.com	s9.addthis.com
1	core.connatix.com	cdns.connatix.com
1	ck.connatix.com	cdns.connatix.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	quantcast.mgr.consensu.org	www.bleepstatic.com
1	cdns.connatix.com	cdn.connatix.com
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.googletagmanager.com	www.bleepingcomputer.com
1	cdn.connatix.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
0	edba.brealtime.com Failed	www.bleepingcomputer.com
0	us-u.openx.net Failed	www.bleepingcomputer.com
0	s.ntv.io Failed	a.pub.network
0	sb.scorecardresearch.com Failed	a.pub.network
0	secure.quantserve.com Failed	a.pub.network
0	hb.emxdgt.com Failed	a.pub.network
0	tlx.3lift.com Failed	a.pub.network
0	ssc.33across.com Failed	a.pub.network
0	freestar-d.openx.net Failed	a.pub.network
0	display.bfmio.com Failed	a.pub.network
0	dmx.districtm.io Failed	a.pub.network
0	fastlane.rubiconproject.com Failed	a.pub.network
0	btlr.sharethrough.com Failed	a.pub.network
0	g2.gumgum.com Failed	a.pub.network
0	ib.adnxs.com Failed	a.pub.network
312	77

This site contains links to these domains. Also see Links.

Domain
www.quantcast.com
www.facebook.com
twitter.com
plus.google.com
www.youtube.com
deals.bleepingcomputer.com
connatix.com

Subject Issuer	Validity	Valid
bleepingcomputer.com COMODO RSA Domain Validation Secure Server CA	`2018-05-12` - `2020-05-17`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
ssl391376.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-20` - `2019-12-27`	6 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2018-08-20` - `2019-10-19`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
ssl376957.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-09` - `2020-01-15`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-06-06` - `2020-09-04`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2020-05-16`	a year	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
*.quantcast.com DigiCert SHA2 High Assurance Server CA	`2018-09-06` - `2019-10-01`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2018-12-18` - `2019-11-21`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-02` - `2020-01-03`	a year	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
*.assetbucket.net Amazon	`2018-09-26` - `2019-10-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
connectad.io CloudFlare Inc ECC CA-2	`2019-07-18` - `2020-07-17`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-05-25` - `2020-05-25`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2018-12-30` - `2020-03-30`	a year	crt.sh
misc-sni.google.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.unrulymedia.com DigiCert SHA2 Secure Server CA	`2017-08-30` - `2020-11-27`	3 years	crt.sh
www.google.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.tynt.com COMODO RSA Domain Validation Secure Server CA	`2014-10-14` - `2019-10-13`	5 years	crt.sh
*.bfmio.com Go Daddy Secure Certificate Authority - G2	`2016-09-05` - `2019-09-05`	3 years	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2017-03-22` - `2020-03-22`	3 years	crt.sh

This page contains 37 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Frame ID: C41ADD21EC2CDC5BDDC281A53905402E
Requests: 182 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Frame ID: A5B417764BCA274DF77C6817570F6E67
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js
Frame ID: 68171524447FCA01DB4689C3E29573D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190724/r20190131/zrt_lookup.html
Frame ID: 3FA5ED50A89AD2740984BA11555F2CDE
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v23/cmp-3pc-check.html
Frame ID: 544A876DBB92420838326B1A455BDA46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1564461736&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1564472043884&bpp=15&bdt=168&fdt=123&idt=123&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&correlator=2211543418630&frm=20&pv=2&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5071&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.mlotoil71scq&fsb=1&xpc=jyhu3jNENg&p=https%3A//www.bleepingcomputer.com&dtd=136
Frame ID: A6F0ACDB406FAE0082989DB256A5A1D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1564461736&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1564472043996&bpp=3&bdt=281&fdt=64&idt=64&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2211543418630&frm=20&pv=1&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=9345851465728&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.1hgp10i3ihpt&fsb=1&dtd=68
Frame ID: 401F43DE96363E9B4ACFD6D8AE1808EE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: BC812426DC218E7B6161CA217B0A1A62
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: 31F4CFC5BA1356CD98C643B35009C7E8
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: 25F7DD4B3A0E1ECA72DE467141E4DB7F
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: D225F1B60A2C6C3BBF4A90DD34D2D116
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEXLvIK6NbFc-H5lfueTpIhFGYO80Jno0tV3yp7RE9UpGeGtG5aCTfehuXfthvhQQbviMgZB3RCdV3I8Oy8axpMFsCyXv3xWtLmvRs66618d9o_uHQ_zQ7KWJiW9mBLYBJQLK8qYVrybuMFnyb_qRPvrZK0VptmCT3_WpLSF7roMSKSxrsuRcgHPoDvH8Q4gBiNe8bOmhSIUV42a5SLWoquVim79aQ0Z0vpJwt15oPmyH4Uc_yhMSo0p8yJRMJEGD4-7kuLeoqVuYoU64JT1UaGw4T4l3yFZLx&sig=Cg0ArKJSzHBRVhwdwTwjEAE&urlfix=1&adurl=
Frame ID: 14D2215E02D02833AA96978895317074
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: 4EB2849D943DCBC3C31608A6C1E9ACFA
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 05FF6EB519AD04618FA7AFCC1899A6B7
Requests: 1 HTTP requests in this frame

Frame: https://video.unrulymedia.com/native/et_v1.0.1474-0-g168d541.js
Frame ID: A7D655FCB5345A5543B3509AD698BE79
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js
Frame ID: 7328A5F50DF740BCB3F73BF926E8B566
Requests: 12 HTTP requests in this frame

Frame: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1474-0-g168d541&siteId=1101818
Frame ID: 85976D64848EBB6888DB28918E4B1638
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D708B399602550AF5C8A62E95FEAB06E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F0733FB602497D60119A77039FE95670
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 8C7294EF99C31AEFFD27E5C7CD9F6C67
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5C337A39B524A45891A164B1CE76C108
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 00A6850BC0236D9ECF9D3E1882B2FEB3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: BABED76F6A7E0DB28756A1D169A05BCF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 672EC38A1EADC1FF014FDBE1CDC2A269
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: FA1E4D7A1B33CE7EE7DB6387A89452CE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: BC98570D40765F901FCE8E5C07FF1177
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Frame ID: 8E26032EA0501F21B6E408BABD5ECD73
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Frame ID: BFF8DE6A6087C53BC4DACF727D24BE7C
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Frame ID: 6439B7C1CE1B4F319D4A6F6578A0C3C4
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: DE4AA2670F94312FC0D26A9426EAEAE4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6057FF23805FC984F4538F10385C5490
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C1C76CA1E7B7CE8617FDEA463F07FABF
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Frame ID: 59CC878F5A832C28824CA0AAF83FBAF0
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Frame ID: F189B0423EE1B5509CE7FE7E1D001CA4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 47F889CB2FDAB65EE9B1AC50BF744A9D
Requests: 1 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Frame ID: 2D4EF945ACC8B353010657B141069024
Requests: 1 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Frame ID: C6D1C0592E10CEEDAE767B32E85F97B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

312
Requests

78 %
HTTPS

41 %
IPv6

45
Domains

77
Subdomains

54
IPs

6
Countries

3507 kB
Transfer

9442 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.quantcast.com/gdpr/consent-management-solution/?utm_source=Quantcast%20Choice&utm_medium=Product%20Logo
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://plus.google.com/+bleepingcomputer/posts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://connatix.com/
Title: .st0{fill:#FFFFFF;}.st1{fill:#0099FF;}

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam
Title: MalwareHunterTeam

Search URL Search Domain Scan URL

URL: https://twitter.com/VK_Intel
Title: Vitali Kremez

Search URL Search Domain Scan URL

URL: https://twitter.com/LawrenceAbrams

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 213

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_pre=CNn76MSQ3OMCFQon4AodBWkEsw;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 239

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 240

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 241

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 242

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 280

https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0

Request Chain 281

https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJFpa6tkiLkXeEPfv7Gvkkc&google_cver=1

Request Chain 302

https://ib.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

312 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/ 66 KB
14 KB 927ms
925ms Document
text/html 104.20.60.209
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.60.209 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbeea4a919f5c330ef718804a166e4d784b99841cc3d5e96859ba3fc1e1d1850

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8a5a0c5db245a0904b4dae4d09d1e7c21564472042; expires=Wed, 29-Jul-20 07:34:02 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly session_id=9377ca617d548430ad9b76b92d05023b; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=6489; expires=Thu, 29-Aug-2019 07:34:03 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Tue, 30 Jul 2019 04:42:16 GMT
vary: Accept-Encoding,User-Agent
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fe5a5db7846729f-AMS
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 14 KB
897 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Jul 2019 07:34:03 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Jul 2019 07:34:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:03 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 28ms
26ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1825595
cf-polished: origSize=137522
status: 200
cf-bgj: minify
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b61d8b1-AMS
expires: Tue, 26 Mar 2019 04:25:05 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 51 KB
9 KB 31ms
29ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 2862569
cf-polished: origSize=60842
status: 200
cf-bgj: minify
last-modified: Thu, 16 Aug 2018 15:28:40 GMT
server: cloudflare
etag: W/"4249134023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b62d8b1-AMS
expires: Thu, 14 Mar 2019 04:21:16 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 29ms
27ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1676843
cf-polished: origSize=14998
status: 200
cf-bgj: minify
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b65d8b1-AMS
expires: Wed, 27 Mar 2019 21:45:08 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 25ms
23ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 417204
cf-polished: origSize=32748
status: 200
cf-bgj: minify
last-modified: Mon, 28 Jan 2019 20:41:57 GMT
server: cloudflare
etag: W/"3696970514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b67d8b1-AMS
expires: Thu, 20 Jun 2019 11:39:31 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 35ms
33ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
age: 1607977
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b68d8b1-AMS
access-control-allow-origin: *
expires: Thu, 28 Mar 2019 16:53:04 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
468 B 23ms
21ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 2254742
cf-polished: origSize=247
status: 200
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e15b6ad8b1-AMS
expires: Thu, 21 Mar 2019 05:10:14 GMT

GET
H2 200 connatix.renderer.infeed.min.js Show response
cdn.connatix.com/min/ 957 B
1 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::645
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash: 4e656b00aee730e6a7b7988247614f8de9700b158bd7c8f666185086183d53d2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
content-type: application/javascript
status: 200
x-referer-host: bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1564472044.725930,VS0,VE0
content-length: 957
retry-after: 0
x-served-by: cache-hhn4022-HHN

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 3 KB
1 KB 25ms
20ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1747304
cf-polished: origSize=3848
status: 200
cf-bgj: minify
last-modified: Thu, 07 Feb 2019 13:49:44 GMT
server: cloudflare
etag: W/"3981350888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e18be4d8b1-AMS
expires: Wed, 27 Mar 2019 02:09:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
26 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67f6ff539de92fdceb2afebcd32af8a3db2970d5ad82d8a718ddfa4331c45e3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
last-modified: Tue, 30 Jul 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 26359
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:03 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 19ms
19ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1576536
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
cf-bgj: imgq:85
content-length: 1152
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e1cc5cd8b1-AMS
expires: Sun, 11 Aug 2019 01:38:27 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
1 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 30
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1181
x-xss-protection: 0
expires: Tue, 30 Jul 2019 08:03:33 GMT

Redirect headers

date: Tue, 30 Jul 2019 07:34:03 GMT
x-content-type-options: nosniff
server: sffe
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 266
x-xss-protection: 0

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 432 KB
116 KB 172ms
171ms Script
application/javascript 2606:4700:20::6819:bf72
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: eccbddaa87bff2bb2d9697571fcccc9be778f8c17dafb4a1dfcbc0e999fd558b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
status: 200
x-guploader-uploadid: AEnB2Ur3USZoZuS0D5UelWklMIkxwgwttuewHZJ2lpdjpHLsAoRqX3UeuKtOlkGvKTJBouA9N8bgkB02D0zpUqAC2xsZv0q1IQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 29 Jul 2019 17:14:20 GMT
server: cloudflare
etag: W/"e39347e69badd432a8fce8ab68b0d18b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=dTK3zg==, md5=45NH5put1DKo/OiraLDRiw==
content-type: application/javascript
x-goog-generation: 1564420460284548
cache-control: public, max-age=1800
x-goog-stored-content-length: 442844
cf-ray: 4fe5a5e1c91b97f0-FRA
expires: Tue, 30 Jul 2019 08:04:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 92 KB
34 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

714298b6251bc9f6bb390cb871a096ea383abf7e5928a9438c23291768c1dbbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 34359
x-xss-protection: 0
server: cafe
etag: 17581743365698966113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Jul 2019 07:34:03 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 475 B
600 B 19ms
19ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
age: 547962
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e1dc67d8b1-AMS
access-control-allow-origin: *
content-length: 475
expires: Fri, 24 May 2019 23:15:26 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 62ms
61ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1649917
cf-polished: origSize=65813
status: 200
cf-bgj: minify
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e1dc69d8b1-AMS
expires: Thu, 28 Mar 2019 05:13:57 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 63ms
63ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
age: 1638070
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 4fe5a5e1dc6ad8b1-AMS
access-control-allow-origin: *
expires: Thu, 28 Mar 2019 08:32:18 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
791 B 32ms
31ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 2169645
cf-polished: origSize=3600
status: 200
cf-bgj: minify
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e1dc6cd8b1-AMS
expires: Fri, 22 Mar 2019 04:49:09 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
9 KB 90ms
90ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1908320
cf-polished: origSize=48706
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e1dc6dd8b1-AMS
expires: Mon, 25 Mar 2019 04:42:04 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 60ms
60ms Script
text/javascript 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
age: 2252928
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 4fe5a5e20ccdd8b1-AMS
access-control-allow-origin: *
expires: Thu, 21 Mar 2019 05:36:11 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 344 KB
110 KB 100ms
37ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s9.addthis.com/js/300/addthis_widget.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 559ddd5af0665c44301056fab0b8c66153cb6a380314f41a6dd7fc541ae4d2ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 17:30:28 GMT
etag: "5d30acb4-561b4"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
x-host: s9.addthis.com
accept-ranges: bytes

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 187 B
279 B 78ms
78ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
age: 541298
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e1ec9bd8b1-AMS
access-control-allow-origin: *
content-length: 187
expires: Sat, 25 May 2019 01:06:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 540533
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 540424
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:26:59 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 83 B
198 B 63ms
62ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
age: 545245
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e1fcc3d8b1-AMS
access-control-allow-origin: *
content-length: 83
expires: Fri, 24 May 2019 23:57:34 GMT

GET
H2 200 connatix.renderer.infeed.min_dc.js Show response
cdns.connatix.com/p/1625/min/ Frame A5B4 713 KB
185 KB 7ms
6ms Script
application/x-javascript 2a04:4e42:1b::645
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 9737768746f590e294399babcefe90db3b079779b4fabd64a9f348b5aa1e7e92

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
age: 359089
x-cache: HIT, HIT
status: 200
content-length: 189227
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-dca17740-DCA, cache-hhn4022-HHN
last-modified: Fri, 26 Jul 2019 03:48:36 GMT
x-timer: S1564472044.824965,VS0,VE1
etag: "5346860164ab9fd54c7bf7ff093c2635"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 18260

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 143 KB
40 KB 7ms
7ms Script
text/javascript 2600:9000:20bb:4c00:9:46dc:4700:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:4c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b870c2ac68a0695e7d2216307d9dd43dafdf18f121cd350fa659b0d10243b5fa

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:32:53 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 18:36:02 GMT
server: AmazonS3
age: 597
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA56
x-amz-cf-id: 0WhLktqZvDszLdmPXtSTyiVbQeTMwdSTn7rUFde0SgfSfdXtD9Bu-g==
via: 1.1 5e6663e1b6bfcd319fbf11ba3c6a1259.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 3983
date: Tue, 30 Jul 2019 06:27:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Tue, 30 Jul 2019 08:27:40 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
589 B 51ms
51ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1068914
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
cf-bgj: imgq:85
content-length: 422
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e22d16d8b1-AMS
expires: Fri, 16 Aug 2019 22:38:48 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 129 B
254 B 52ms
51ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
age: 2537946
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e22d12d8b1-AMS
access-control-allow-origin: *
content-length: 129
expires: Fri, 31 May 2019 22:31:50 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
413 B 52ms
52ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1063333
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
cf-bgj: imgq:85
content-length: 252
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e22d14d8b1-AMS
expires: Sat, 17 Aug 2019 00:11:49 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
303 B 51ms
51ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 2365934
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
cf-bgj: imgq:85
content-length: 96
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e22d17d8b1-AMS
expires: Thu, 01 Aug 2019 22:21:49 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
424 B 35ms
34ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1065545
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
cf-bgj: imgq:85
content-length: 256
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e27dd0d8b1-AMS
expires: Fri, 16 Aug 2019 23:34:58 GMT

GET
H2 200 21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 34ms
34ms Image
image/jpeg 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1037500
cf-polished: origSize=7617, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 7581
last-modified: Mon, 26 Oct 2015 17:15:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e27dd1d8b1-AMS
expires: Wed, 20 Mar 2019 04:25:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 540424
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 540491
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:52 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 72 B
175 B 35ms
34ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
age: 544910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e24d56d8b1-AMS
access-control-allow-origin: *
content-length: 72
expires: Sat, 25 May 2019 00:08:06 GMT

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
412 B 35ms
34ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
age: 1600933
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e24d53d8b1-AMS
expires: Sat, 10 Aug 2019 18:51:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/ 213 KB
79 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

982f3a34f5f84bbdd6b6449c87aa9ee3cfbdb54d66d591f41f8d94f4ec422a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 80877
x-xss-protection: 0
server: cafe
etag: 6335387296809731024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jul 2019 07:34:03 GMT

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 186 B
278 B 35ms
35ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
age: 640275
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e27dd3d8b1-AMS
access-control-allow-origin: *
content-length: 186
expires: Thu, 23 May 2019 21:41:26 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/ Frame 6817 213 KB
79 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

982f3a34f5f84bbdd6b6449c87aa9ee3cfbdb54d66d591f41f8d94f4ec422a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 80877
x-xss-protection: 0
server: cafe
etag: 6335387296809731024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jul 2019 07:34:03 GMT

GET
H2 200 ca-pub-0920899300397823.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 68 B
150 B 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-0920899300397823.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 21:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 35484
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 88
x-xss-protection: 0
expires: Tue, 30 Jul 2019 09:42:39 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190724/r20190131/ Frame 3FA5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190724/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190724/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 24 Jul 2019 13:21:49 GMT
expires: Wed, 07 Aug 2019 13:21:49 GMT
content-type: text/html; charset=UTF-8
etag: 8417942342425268489
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7136
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 497534
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v23/ Frame 544A 0
0 14ms
13ms Document
text/html 2600:9000:20bb:3e00:9:46dc:4700:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v23/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v23/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
content-type: text/html
content-length: 583
last-modified: Tue, 23 Jul 2019 18:35:59 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Jul 2019 07:28:59 GMT
etag: "2382c3f01978a379e8fa8bc1a3bec605"
age: 1554
x-cache: Hit from cloudfront
via: 1.1 4b35c814a2788c09b015e4cc052e552f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56
x-amz-cf-id: F2GfId-ptObQ5Y2Lc-o-EZpc-vSFWVjfl6L7RVQe8vaBU37h7bm_8Q==

GET
H2 200 g Show response
ck.connatix.com/ 46 B
102 B 6ms
6ms Script
text/plain 2a04:4e42:1b::645
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.connatix.com/g?callback=cnxJSONP_4b88d398a15fc51a0ae01564472043939
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash: f8bcf7007fb92dc3ea21b999ff73f52344091d2f56782ff0d537b23ea5bb2f7c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:03 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
status: 200
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1564472044.943339,VS0,VE0
content-length: 46
retry-after: 0
x-served-by: cache-hhn4022-HHN

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=173968599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ul=en-us&de=UTF-8&dt=New%20TrickBot%20Version%20Focuses%20on%20Microsoft%27s%20Windows%20Defender&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=241186282&gjid=894834274&cid=274515886.1564472044&tid=UA-91740-1&_gid=1905735659.1564472044&_r=1&gtm=2ou7i2&z=1969395384

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v23/ 172 KB
52 KB 8ms
8ms Script
text/javascript 2600:9000:20bb:3e00:9:46dc:4700:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v23/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 197a9c26e969604e977626f4724b03758916685d54e4018706da7e96e4fb07a5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:20:23 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 18:35:58 GMT
server: AmazonS3
age: 1387
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA56
x-amz-cf-id: 3n1Ua2EmJ6X874zrudOYvYQoMOvl4tKYNEDSeIHFJn_14lhovrUbEQ==
via: 1.1 4b35c814a2788c09b015e4cc052e552f.cloudfront.net (CloudFront)

GET
H2 200 pls Show response
core.connatix.com/ Frame A5B4 11 KB
4 KB 349ms
151ms Script
text/plain 18.207.76.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://core.connatix.com/pls?callback=jQuery321024242246370489462_1564472043918&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&c_v=1625_0_1_0_0&page_guid=01c516271632c323d36f1564472044000&spp=1&_=1564472043919
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.76.63 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-18-207-76-63.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 681e69ba98efde182514479b508744ac7e593b9e5c06ac31ad14797b208c06d3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
server: nginx/1.12.2
access-control-allow-origin: *

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A6F0 0
0 255ms
255ms Document
text/html 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1564461736&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1564472043884&bpp=15&bdt=168&fdt=123&idt=123&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&correlator=2211543418630&frm=20&pv=2&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5071&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.mlotoil71scq&fsb=1&xpc=jyhu3jNENg&p=https%3A//www.bleepingcomputer.com&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&h=500&slotname=4359266829&adk=3764243768&adf=155314479&w=834&cr_col=4&cr_row=2&fwrn=2&lmt=1564461736&rafmt=9&guci=1.2.0.0.2.2.0.0&format=834x500&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1564472043884&bpp=15&bdt=168&fdt=123&idt=123&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&correlator=2211543418630&frm=20&pv=2&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=549758443520&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=5071&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=0&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=3733268371&ifi=1&uci=1.mlotoil71scq&fsb=1&xpc=jyhu3jNENg&p=https%3A//www.bleepingcomputer.com&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Jul 2019 07:34:04 GMT
server: cafe
content-length: 12427
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 30-Jul-2019 07:49:04 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 30 Jul 2019 07:34:04 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

82f3d77276cf01fe491779f356613120b9e2cea8d70193a752cbf10c7996a9f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1563967017806152"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28248
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:04 GMT

GET
H2 200 TrickBot-Logo.png
www.bleepstatic.com/content/hl-images/2017/09/03/ 77 KB
78 KB 346ms
345ms Image
image/png 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2017/09/03/TrickBot-Logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28ab550c0ea1f71cc178fced9f39e36e65d44d948bd278fc2e7562710ae3c28

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Sep 2017 18:22:34 GMT
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e33f6ed8b1-AMS
content-length: 79304
expires: Thu, 29 Aug 2019 07:34:04 GMT

GET
H2 200 292x176_URGENT-11.png
www.bleepstatic.com/content/posts/2019/07/29/thumb/ 38 KB
39 KB 21ms
20ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/posts/2019/07/29/thumb/292x176_URGENT-11.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e4440c13ee4404761d8e1abbe3684e4ea4a036bcb82b7f03e65aa6fe4c8e84

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
cf-cache-status: HIT
age: 12768
cf-polished: origFmt=png, origSize=54261
status: 200
content-disposition: inline; filename="292x176_URGENT-11.webp"
cf-bgj: imgq:85
content-length: 39366
last-modified: Mon, 29 Jul 2019 14:53:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e33f73d8b1-AMS
expires: Thu, 29 Aug 2019 04:01:15 GMT

GET
H2 200 292x176_Android_Malware.png
www.bleepstatic.com/content/hl-images/2016/11/22/thumb/ 19 KB
20 KB 22ms
22ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2016/11/22/thumb/292x176_Android_Malware.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7969ff920d3a575faf02dcb6f341e27d6d13b3ba52f1762d9c4083ddfa820a06

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
cf-cache-status: HIT
age: 12764
cf-polished: origFmt=png, origSize=41524
status: 200
content-disposition: inline; filename="292x176_Android_Malware.webp"
cf-bgj: imgq:85
content-length: 19872
last-modified: Tue, 22 Nov 2016 23:31:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e33f75d8b1-AMS
expires: Thu, 29 Aug 2019 04:01:20 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
931 B 66ms
64ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-15.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
dnt: 1
surrogate-key: ra-561517d2c7f964d6
server: Jetty(9.4.8.v20180619)
etag: -1808207170--gzip
vary: Accept-Encoding
cache-tag: ra-561517d2c7f964d6
status: 200
cache-control: public, max-age=13, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-type: application/javascript;charset=utf-8
content-length: 678

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 401F 0
0 16ms
16ms Document
text/html 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1564461736&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1564472043996&bpp=3&bdt=281&fdt=64&idt=64&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2211543418630&frm=20&pv=1&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=9345851465728&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.1hgp10i3ihpt&fsb=1&dtd=68

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190724/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1564461736&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1564472043996&bpp=3&bdt=281&fdt=64&idt=64&shv=r20190724&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=834x500&nras=1&correlator=2211543418630&frm=20&pv=1&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&ga_fc=0&iag=0&icsg=9345851465728&dssz=41&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=368226501%2C410075105%2C21063397&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2001182872&ifi=1&uci=1.1hgp10i3ihpt&fsb=1&dtd=68
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Jul 2019 07:34:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 30-Jul-2019 07:49:04 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Tue, 30 Jul 2019 07:34:04 GMT
cache-control: private

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 34ms
34ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 1603651
cf-polished: origSize=4895
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e37ffcd8b1-AMS
expires: Thu, 28 Mar 2019 18:04:30 GMT

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 38ms
37ms Stylesheet
text/css 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 2341273
cf-polished: origSize=26776
status: 200
cf-bgj: minify
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 4fe5a5e3781ed8b1-AMS
expires: Wed, 03 Jul 2019 05:12:31 GMT

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
527 B 342ms
113ms XHR
text/plain 35.188.71.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 0401552f2a8baada175f687c202716b22ae97a18ac9f8f10ac8579b23e222b8e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:04 GMT
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H/1.1 200
OK gallery.js Show response
freestar-io.videoplayerhub.com/ 68 KB
17 KB 35ms
35ms Script
application/javascript 13.32.158.114
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.114 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0891f85ccd1c9db593424b9838b0c2500e71ad92ebbd5d060d6331d9b2483518

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: vez.ue2HKrn0vzc3tRsBSDaqIPpGLC3M
Content-Encoding: gzip
Last-Modified: Wed, 24 Jul 2019 17:28:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56
Date: Tue, 30 Jul 2019 07:34:04 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: S17va6o4xBkatqydMNk68YL6z6crL-9bieN5UVYBged5J4BjVCqA6Q==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 37 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b3f0cf3618bc701038fbf1d26c6832a9fb0674f9e18935ffe36f70245bdface3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "234 / 728 of 1000 / last-modified: 1564416327"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12521
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:04 GMT

GET
H2 200 prebid-analytics-1.33.5.js Show response
a.pub.network/core/ 323 KB
97 KB 159ms
158ms Script
text/html 2606:4700:20::6819:bf72
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:bf72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: br
cf-cache-status: MISS
status: 200
x-guploader-uploadid: AEnB2UrzMya8_jvzq8Pr6qKyYE3NY0bQNKRnFrTCTGMI1z6MkjW-3guMsYTEpqiNBWFwXYrdESIO8Xq4MDVVSqi_9dvdifbOQQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Wed, 13 Mar 2019 15:07:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=xB2m2g==, md5=LUwj9S7PGmAQITSf93OXew==
content-type: text/html
x-goog-generation: 1552489625640716
cache-control: public, max-age=31536000
x-goog-stored-content-length: 330336
cf-ray: 4fe5a5e40c4097f0-FRA
expires: Wed, 29 Jul 2020 07:34:04 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 53 B
372 B 461ms
114ms XHR
application/json 35.188.71.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 9db8799c8383641b18aaeb987074ecd580a81e9766d5128b998474996f0485f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:04 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 gvl-proxy Show response
privacy-api-gateway.quantcast.com/ 81 KB
81 KB 199ms
198ms XHR
application/json 13.32.158.123
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-api-gateway.quantcast.com/gvl-proxy?version=
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.123 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-123.fra56.r.cloudfront.net
Software: /
Resource Hash: db76ea1e164f349fc5078dbf67563dc394441d086825046b5670c6778fade9b0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 4b35c814a2788c09b015e4cc052e552f.cloudfront.net (CloudFront)
etag: "992b524b21629f25b6e8f2bb3ab59ae8"
x-amz-cf-pop: FRA56
x-amzn-requestid: 6819e3b4-b29c-11e9-b84c-9349f80e4e31
x-cache: Miss from cloudfront
status: 200
x-amz-apigw-id: doLk6FxQvHcFk0Q=
content-length: 82827
last-modified: Thu, 25 Jul 2019 16:00:19 GMT
x-amzn-trace-id: Root=1-5d3ff2ec-0ef387002ef6fc2ec3e8d803
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=259200
x-amz-cf-id: Q5omEasSBZOeeDnKwQjNhrswNcCfoNiTi-1WMhCWXdXfyV4L6dZ4bQ==

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
484 B 28ms
28ms XHR
text/html 13.32.158.159
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1564472044170;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F;;;;;p,off,false,,1,en;CMP_Display:initializationdisplay,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F75.0.3770.142%20Safari%2F537.36
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v23/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.159 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-159.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 29 Jul 2019 20:23:38 GMT
via: 1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
vary: Origin
age: 80533
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: iUx4KO_jVJDekAzzqZXbHtHuurd404b8UUAuxS3Z5-cwL8Avah_RsQ==

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 20ms
20ms Font
application/octet-stream 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 6626
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 4fe5a5e42d522c10-AMS
access-control-allow-origin: *
content-length: 65452

GET
H2 200 layers.1a65b1df626b9b567918.js Show response
s7.addthis.com/static/ 261 KB
74 KB 58ms
57ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/static/layers.1a65b1df626b9b567918.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52c076a4a2dcc234393575563406598546bf30e0f521560aa78e8c7952977499

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 17:30:28 GMT
etag: "5d30acb4-415e1"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl_2019072601.js Show response
securepubads.g.doubleclick.net/gpt/ 152 KB
56 KB 100ms
54ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

77c1c49f6ae3ec59f2e2926b800050a54dac4c2b0449c5fbc585ace16f57ee52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 27 Jul 2019 00:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 57067
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:04 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 69 KB
20 KB 339ms
39ms Script
application/javascript 13.32.221.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.221.209 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-221-209.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 781c5596f9a65325ecfa652e4fe12760d429b1cf3070be38eb5d42ce6d83eb6d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 21:32:36 GMT
content-encoding: gzip
server: Server
age: 36087
etag: 2651fa4bf4c1a481572051f7f35c8f68
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dk6Ex6O06lcdOApIZk44_e78hn2tGIfqzzZacCW-YFIu2BUkWiveNQ==
via: 1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/ 195 KB
39 KB 3119ms
25ms Script
text/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 828dee36e1cad92793c92ca76c25a8786f85e1a6a30966932406ec46103d1da1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:07 GMT
Content-Encoding: gzip
Age: 914
X-Cache: HIT
Connection: keep-alive
Content-Length: 39558
x-amz-id-2: bS3U35bnpuq0sIKTiVUnsehXeprrX/Bw1VyvjIs2VFIMwLMsF1iume/HkN7kUAeutI1MTqd5Rv8=
X-Served-By: cache-hhn4075-HHN
Last-Modified: Mon, 29 Jul 2019 14:35:24 GMT
Server: AmazonS3
X-Timer: S1564472048.508386,VS0,VE0
ETag: "1932cfd080597791160bb0207649a147"
x-amz-request-id: F3FE46C7A5A5C72E
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 17

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 3 KB
3 KB 169ms
116ms XHR
application/json 35.188.71.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 2824ad2d0c13770e07cfac4e49b7bccafd3afc9a2a2b05972bd5cd640c59b1d3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:04 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 191 B
335 B 11494ms
163ms Script
text/plain 52.200.29.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&c_ivt=0&connatix_sess=bqHDAhvHNxSHA1_yom-q8Q2_b66FIm7DUErWQ0CZZVpBGX-Q2oHOBcm-HVCbwb-hXrLt56-E_m4Jgd24Bz7cnc-dMfUt7VoE33UhCOW8rbnO2uAuelrs6yaQJ6ciSeHBL6k9JB5WX3eASYDDmA3VjSqD-iJwIVSD6rf1RX2eFbYKqMn9_Dx1X6PIOTo5GxJi&notServed=false&xplr=true&c_s=false&c_pl=4fVDcPSYlbqC233G0M3kB8taQuOLG6rLNvSOpp8COavmWY8BITptdmq0s-ewvhERCA0oeyipqPPNxFC6VNPhyKeBwDcD6Oj5Jqbj0a6iF1jVU7vZcHgOMNbXn8c-8mxiGQhUpjMkLvHSbQFbfE69MwIL7kcrRUaE0ILWaq-Y0Mz0FQcvrx4tQxtJcviUsZim1Y2mDtqBun6-QX4qb5HALx-VmGfAmEbPaVnDhiQLNdE&gdpr=1&med_id=639404&request_guid=4f34dbfa437c04ba60901564472044466&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-de&c_v=1625_0_1_0_0&spp=1&callback=cnxJSONP_c91345768f8f2ef5d7c11564472044466
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.29.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-29-29.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 27b4a8972a40ca7aaa04c89393fda09453c51a926ad9d234c489fc3c9418f954

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Jul 2019 07:34:15 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 156

GET
H2 200 218.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 21 KB
21 KB 35ms
15ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/218.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 0c435e09612018a22500e8ed7cbe02eeeaae7c98ca1501f7ab0e3b2175bc7302

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 39578
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1564472044.490484,VS0,VE0
access-control-allow-origin: *
content-length: 21817
x-served-by: cache-sjc3122-SJC, cache-fra19171-FRA

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/594d8eb8-fb1a-403c-84de-9b05dc725cb7/ 26 KB
26 KB 25ms
5ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/594d8eb8-fb1a-403c-84de-9b05dc725cb7/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 356bfe696c4953e3315bb5e3f945ca48d7d718007ef7e9f903716b56018dbe32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 39578
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1564472044.490467,VS0,VE0
access-control-allow-origin: *
content-length: 26426
x-served-by: cache-sjc3145-SJC, cache-fra19171-FRA

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/50b9c197-46ef-47d5-893f-d3d3894452ee/ 72 KB
72 KB 35ms
16ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/50b9c197-46ef-47d5-893f-d3d3894452ee/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 7e9edd4ec2318eb025e01ea67a4f6f3b75bd173bdb32a0dcf9a37f893169baec

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 39578
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 3
accept-ranges: bytes
x-timer: S1564472044.490481,VS0,VE0
access-control-allow-origin: *
content-length: 73417
x-served-by: cache-sjc3143-SJC, cache-fra19171-FRA

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/5de67c56-f982-4e83-a426-4551e2855caf/ 43 KB
43 KB 41ms
22ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/5de67c56-f982-4e83-a426-4551e2855caf/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 9e220f799ed1b3036d63ce02b5ffa4482994d526522821b4771b404e0ba08a32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 39578
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1564472044.490502,VS0,VE0
access-control-allow-origin: *
content-length: 44263
x-served-by: cache-sjc3151-SJC, cache-fra19171-FRA

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/4c5ca8d2-b575-426b-b2bb-13dee5f477b8/ 72 KB
72 KB 41ms
22ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/4c5ca8d2-b575-426b-b2bb-13dee5f477b8/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: aaa73509b44d09f9af09c497bb99d57433e8ae896ff36b50cacab6f9359f3051

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 39578
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1564472044.490549,VS0,VE0
access-control-allow-origin: *
content-length: 73932
x-served-by: cache-sjc3129-SJC, cache-fra19171-FRA

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/2a16e4b7-1df8-44c4-8b14-bd10b434075a/ 149 KB
149 KB 45ms
26ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/2a16e4b7-1df8-44c4-8b14-bd10b434075a/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 391f3da7f65ac83416f1319ddfca7c315be8abde245867c297a4d6c78e3ca1ab

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 212654
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 1
accept-ranges: bytes
x-timer: S1564472044.490555,VS0,VE2
access-control-allow-origin: *
content-length: 152406
x-served-by: cache-sjc3138-SJC, cache-fra19171-FRA

GET
H2 200 bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 7 KB
7 KB 22ms
22ms Image
image/webp 104.24.0.61
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.24.0.61 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
cf-cache-status: HIT
age: 2375893
cf-polished: origFmt=png, origSize=15281
status: 200
content-disposition: inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj: imgq:85
content-length: 7156
last-modified: Wed, 07 Jan 2015 22:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 4fe5a5e5fd77d8b1-AMS
expires: Thu, 01 Aug 2019 19:35:51 GMT

GET
H2 200 0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame A5B4 23 KB
23 KB 23ms
22ms Image
image/jpeg 2a04:4e42:3::645
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::645 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 3621079
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 1
accept-ranges: bytes
x-timer: S1564472044.494491,VS0,VE0
access-control-allow-origin: *
content-length: 23507
x-served-by: cache-sjc3144-SJC, cache-fra19171-FRA

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
985 B 27ms
27ms Script
application/x-javascript 13.32.158.181
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.181 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-181.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 1262
date: Tue, 30 Jul 2019 07:13:03 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA56
x-amz-cf-id: Q9vvnmUxilNTfBBrnr9D4SwFO-CvZ_c0Wo9_hw8_PwUyA0KqU51Bdg==
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)

GET av
connatix-d.openx.net/v/1.0/ Frame A5B4 0
0

GET
H/1.1 200
OK r
trk.connatix.com/ Frame A5B4 0
153 B 7722ms
98ms Image
text/plain 23.22.162.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/r?connatix_sess=bqHDAhvHNxSHA1_yom-q8Q2_b66FIm7DUErWQ0CZZVpBGX-Q2oHOBcm-HVCbwb-hXrLt56-E_m4Jgd24Bz7cnc-dMfUt7VoE33UhCOW8rbnO2uAuelrs6yaQJ6ciSeHBL6k9JB5WX3eASYDDmA3VjSqD-iJwIVSD6rf1RX2eFbYKqMn9_Dx1X6PIOTo5GxJi&videoID=639404&c_pl=4fVDcPSYlbqC233G0M3kB8taQuOLG6rLNvSOpp8COavmWY8BITptdmq0s-ewvhERCA0oeyipqPPNxFC6VNPhyKeBwDcD6Oj5Jqbj0a6iF1jVU7vZcHgOMNbXn8c-8mxiGQhUpjMkLvHSbQFbfE69MwIL7kcrRUaE0ILWaq-Y0Mz0FQcvrx4tQxtJcviUsZim1Y2mDtqBun6-QX4qb5HALx-VmGfAmEbPaVnDhiQLNdE&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-de&c_v=1625_0_1_0_0&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.162.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-23-22-162-56.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Jul 2019 07:34:12 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 0

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
593 B 296ms
295ms XHR
application/json 13.32.158.208
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-208.fra56.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56
x-amzn-requestid: 68801ec1-b29c-11e9-969a-217f0b8ef30e
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: doLlBFQMIAMFWtg=
content-length: 50
access-control-allow-origin: https://www.bleepingcomputer.com
x-amzn-trace-id: Root=1-5d3ff2ec-7a18ff5aa557072d09498992;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: cBZZ4HVOTO8pO9Snm8FEeriLIw3v6hDFJJr6qMEYajt_OaQWt9xwVw==

GET aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
398 B 58ms
58ms XHR
text/javascript 13.32.221.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&pid=3897253127761564472044736&cb=6340172756931564472044788&ws=1600x1200&v=7.32.00&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_728x90_320x50_InContent_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%22bleepingcomputer_300x250_300x600_160x600_Right_3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.221.209 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-221-209.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 68b75f0a3232f50354a1c56dfa31821dc2e39ff14b01cd96f8b1f979677efade

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:04 GMT
via: 1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: AfVjxCOkBhAQp0SNMd19GMe6pPovVeoNZ0QjYu8zoS66bO_l1mmGHQ==

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 136 B
379 B 15888ms
98ms Script
text/javascript 34.195.70.133
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=sha256_H28SdxWrZ387Ldn0qogCzFiUDDxfPiNIyJX7BECQkDE&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22dd3763f0-7b7e-84ed-6bd0-e563e7667cb5%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F

Requested by

Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.195.70.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-195-70-133.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

dfa0fa699e3f4c42bc3b826288970bb930201db50917c3b64d44371db81a71ad

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:20 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"88-y3ju8Rm2pw+zr+zxsgKFdUQtKvI"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 106

GET
H2 200 px.gif
ad-delivery.net/ 43 B
382 B 27ms
27ms Image
image/gif 13.32.158.181
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.634339405193463
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.181 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-181.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 13163
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Tue, 30 Jul 2019 04:40:43 GMT
x-amz-cf-pop: FRA56
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 6W4npoKt3cLY_9HzzCzY_2-e8AmnH2I4Ms38ms51leU7_S_ZSDk_Gg==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 49.45d0d44e9b5e129632e0.js Show response
s7.addthis.com/static/ 281 B
450 B 31ms
31ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/static/49.45d0d44e9b5e129632e0.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-15.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66e0f9a747bdd042fb9d01000d611034c4bdd2351cadb25fda445defec19c603

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:05 GMT
last-modified: Thu, 28 Feb 2019 14:32:49 GMT
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 281

GET
H2 200 / Show response
graph.facebook.com/ 308 B
379 B 110ms
109ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_hfom0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b5df829641918379bb2af2f108c0291b991228b15262272613a43ff8f3716850

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Tue, 30 Jul 2019 07:34:05 GMT
x-fb-rev: 1000998080
content-length: 193
pragma: no-cache
x-fb-debug: sJAtcL7MY0XVLK42BxTm2Tzjhau5jIljZAugSILsrTwvTmFIB4ODoLHH71/d70EsZ0NOdiexB4Penw5PRgGmbA==
x-fb-trace-id: BPHjRhNnz7+
etag: "c5584e042ed6052cdfe7afda0c0d71d4216e0659"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AlEY_I-dC4jIZ75so_OkFWg
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.10
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
368 B 208ms
207ms Script
application/javascript 151.101.13.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&jsonp=_ate.cbs.rcb_bwod0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

daaa5e1ebe38092e80bc7375a758764b4339437e0105eafba6524f86f8f3e2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:05 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-fra19126-FRA
x-moose: majestic
server: snooserv
x-timer: S1564472045.152397,VS0,VE182
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 / Show response
graph.facebook.com/ 147 B
356 B 97ms
96ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_90m90

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5ffdc58a711cdf4e31ee083584d6a7861b723c89d19470e1351ea1be7ddc9d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Tue, 30 Jul 2019 07:34:05 GMT
x-fb-rev: 1000998080
content-length: 147
pragma: no-cache
x-fb-debug: +GOTOp7foSTQSaur8LG4oyVLHK75tG02TMdixUDlpyzsqCds6OnuVCzxjiBWCRYSLM0djMrTbNqVI/m9SaGeZg==
x-fb-trace-id: C8Tqk3UEDJs
etag: "ed2ff5e9c79897636149d514072ce4be736fab6d"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AL4Zt5afKvgBvIzhwpBh6Hu
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.10
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
260 B 773ms
772ms Script
application/javascript 151.101.13.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&jsonp=_ate.cbs.rcb_1rge0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

d6f4770b6db189a7cb7357a07984b9eb0ae0caca9892bcf36b52b9456d25d46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:05 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-fra19126-FRA
x-moose: majestic
server: snooserv
x-timer: S1564472045.152837,VS0,VE747
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
485 B 34ms
33ms XHR
text/html 13.32.158.159
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1564472045256;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F;;;;;p,off,false,,1,en;Shown,;Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F75.0.3770.142%20Safari%2F537.36
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v23/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.159 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-159.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 29 Jul 2019 20:23:38 GMT
via: 1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
vary: Origin
age: 80534
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: v7RP6Vt5sCvDOIR0QWXKAGi_U2AXEJHCQCVlmyVyZ2IV8t7scXoaBQ==

POST
H2 200 v2 Show response
i.connectad.io/api/ 205 B
703 B 418ms
373ms XHR
application/json 2606:4700:10::6814:8428
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b209f7533db1b9935ef33700a2406ef791192036379be67d85a554a19f550d49

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Jul 2019 07:34:06 GMT
content-encoding: gzip
content-type: application/json
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 4fe5a5ed7e15c2ef-FRA
alt-svc: clear
via: 1.1 google

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET imp
g2.gumgum.com/hbid/ 0
0

GET v1
btlr.sharethrough.com/header-bid/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 522 B
713 B 65ms
22ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3cc33b181548975ffd31f93f480a1aa3125bcbadee399c8e1f58bfce2bd792d1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:05 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 522
expires: 0

OPTIONS v1
dmx.districtm.io/b/ 0
0

POST prebid_display
display.bfmio.com/ 0
0

GET arj
freestar-d.openx.net/w/1.0/ 0
0

POST hb
ssc.33across.com/api/v1/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

POST /
hb.emxdgt.com/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 266 KB
23 KB 534ms
534ms XHR
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3813721708863808&correlator=2101216667057414&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&vrg=2019072601&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190730&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1564461736&dt=1564472045648&dlt=1564472043716&idt=666&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C1082%2C1082%2C268%2C800%2C1082&adys=146%2C5878%2C327%2C1158%2C4447%2C6384%2C1683&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&dssz=55&icsg=598134495387648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1600x6384%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1600x1%7C306x250&blev=1&bisch=1&ga_vid=274515886.1564472044&ga_sid=1564472044&ga_hid=173968599&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

1e54551a0a5fe7187f1a58cf37f18699248a8a6d7b6c39d98ee6ee9c09473a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 22865
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,4769125089,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,138241540478,-1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019072601.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 55ms
55ms Script
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

e30fcf77b1e245e0efca3b6aae9837c822deca516dcdf2d2db4da35012b7e96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 27 Jul 2019 00:35:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25579
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:05 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 47 B
397 B 59ms
58ms XHR
text/javascript 13.32.221.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&pid=3897253127761564472044736&cb=2534332387981564472045711&ws=1600x1200&v=7.32.00&t=1000&slots=%5B%7B%22sd%22%3A%22bleepingcomputer_970x90_728x90_320x50_sticky%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_970x90_728x90_320x50_sticky%22%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldCFRoute%22%3Atrue%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.221.209 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-221-209.fra56.r.cloudfront.net
Software: Server /
Resource Hash: ed00038fea1a22fc58d84d63bcdf3d7fe772d8c6f58a81c989d2f72f1d702ebd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:05 GMT
via: 1.1 7a04ed7b69e0edefa91e397390fa9ad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 47
x-amz-cf-id: s9WaDNfjxo1lKp51FzVz8AkUDU2-YZrH2pRkNBmr8pNgJ20zaN2rgw==

GET quant.js
secure.quantserve.com/ 0
0

GET
H2 200 bxl.js Show response
hbx.media.net/ 16 KB
7 KB 7399ms
47ms Script
text/javascript 23.210.250.97
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.97 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-250-97.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3f527e649e761d31f85afd319f141782718ada9c499585da7d11c36a8963fa11

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:13 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=86400
content-length: 6642
x-mnet-hl2: E
expires: Wed, 31 Jul 2019 07:34:13 GMT

GET beacon.js
sb.scorecardresearch.com/ 0
0

GET load.js
s.ntv.io/serve/ 0
0

GET
H/1.1 200
OK efdb416c-bf6a-4fc0-a79c-dc4d4fe3bbe4 Show response
d.pub.network/rfm/cookie/ 3 B
321 B 114ms
114ms XHR
application/json 35.188.71.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/rfm/cookie/efdb416c-bf6a-4fc0-a79c-dc4d4fe3bbe4
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:05 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 200
OK classification Show response
d.pub.network/ 3 B
321 B 229ms
115ms XHR
application/json 35.188.71.214
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/classification?siteId=535&pageUrl=https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:05 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
17 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: NAgNwbsbf3DP6hncoIDHxro2eUOgp8lnKO7Th6aenfW3jwX9EbH8Io7hyPaWzf7wWbUSCHwClZ+z9m/Sv3a3uQ==
x-fb-trip-id: 568062040
date: Tue, 30 Jul 2019 07:34:05 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 134240187179576 Show response
connect.facebook.net/signals/config/ 228 KB
60 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/134240187179576?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8d9c3e3cfba892b2954a9c28ec67162355632750aa8b45d55323b04bc29ae61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 61414
x-xss-protection: 0
pragma: public
x-fb-debug: yX8PZBTO5byuUP0un82FlgW8Q9pBHPnvAECXgyuLZo5aamIH/ppEGCilmExzmZKnG1+aJZkNj/LHMjXAPPviLw==
x-fb-trip-id: 568062040
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
911 B 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: private
x-fb-debug: vDybN7blc4xWAOOn/2uuiNZ+8WJlQSj+SB/ZQFwzqELP1x4rRlILrL6CrL8R9YxmyOjXlII596Xiw15wX9iZ0Q==
x-fb-trip-id: 568062040
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
310 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134240187179576&ev=PageView&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&rl=&if=false&ts=1564472046040&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1564472046039.631815464&it=1564472046000&coo=false&rqm=GET

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
200 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=134240187179576&ev=ViewContent&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&rl=&if=false&ts=1564472046042&cd[freestar]=efdb416c-bf6a-4fc0-a79c-dc4d4fe3bbe4&cd[client]=392&cd[site]=535&cd[page]=48ac0147b5642505915b7edf0ca39dd6&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1564472046039.631815464&it=1564472046000&coo=false&rqm=GET

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ 20 KB
7 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3d54d3263fbe240684c9619180be1a3583ceebb22310d9376e9205eda59558

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1162002
status: 200
date: Tue, 16 Jul 2019 20:47:24 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7364
x-xss-protection: 0
server: sffe
etag: "a11024a6e18f00fe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 20:47:24 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame BC81 264 KB
72 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 469190
status: 200
date: Wed, 24 Jul 2019 21:14:16 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 23 Jul 2020 21:14:16 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame BC81 13 KB
6 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156404
status: 200
date: Tue, 16 Jul 2019 22:20:42 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:42 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame BC81 143 KB
39 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156432
status: 200
date: Tue, 16 Jul 2019 22:20:14 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:14 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame BC81 4 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156414
status: 200
date: Tue, 16 Jul 2019 22:20:32 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:32 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame BC81 42 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156429
status: 200
date: Tue, 16 Jul 2019 22:20:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:17 GMT

GET
DATA 200
OK truncated
/ Frame BC81 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cba926ea1ca2ad743c154e0dbd06a804ce1a62ac74dfd6247a3b42142972a175

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame 31F4 264 KB
72 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 469190
status: 200
date: Wed, 24 Jul 2019 21:14:16 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 23 Jul 2020 21:14:16 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 31F4 13 KB
5 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156404
status: 200
date: Tue, 16 Jul 2019 22:20:42 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:42 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 31F4 143 KB
39 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156431
status: 200
date: Tue, 16 Jul 2019 22:20:15 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 31F4 4 KB
2 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156414
status: 200
date: Tue, 16 Jul 2019 22:20:32 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:32 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 31F4 42 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156429
status: 200
date: Tue, 16 Jul 2019 22:20:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 31F4 4 KB
631 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Jul 2019 07:34:06 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 31F4 4 KB
677 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Jul 2019 07:34:06 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
DATA 200
OK truncated
/ Frame 31F4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78f691e75f646934e03afc71e5695dfa6bce3179cd75d1c4f8daf5898c4ddecd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame 25F7 264 KB
72 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 469190
status: 200
date: Wed, 24 Jul 2019 21:14:16 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 23 Jul 2020 21:14:16 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 25F7 13 KB
5 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156404
status: 200
date: Tue, 16 Jul 2019 22:20:42 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:42 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 25F7 143 KB
39 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156432
status: 200
date: Tue, 16 Jul 2019 22:20:14 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:14 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 25F7 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156427
status: 200
date: Tue, 16 Jul 2019 22:20:19 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:19 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 25F7 42 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156432
status: 200
date: Tue, 16 Jul 2019 22:20:14 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25F7 4 KB
631 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Jul 2019 07:34:06 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25F7 4 KB
631 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Jul 2019 07:34:06 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Jul 2019 07:34:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
DATA 200
OK truncated
/ Frame 25F7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a073a70d3952ed18099835ff0004142b08d9b1a995d6991a63d323dea4fdd8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame D225 264 KB
72 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 688686
status: 200
date: Mon, 22 Jul 2019 08:16:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Tue, 21 Jul 2020 08:16:00 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame D225 13 KB
5 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156404
status: 200
date: Tue, 16 Jul 2019 22:20:42 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:42 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame D225 143 KB
39 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156432
status: 200
date: Tue, 16 Jul 2019 22:20:14 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:14 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame D225 104 KB
29 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

78d68f656ce9ccf337f68fb8efe09021c4b5dd752f54ea822ebc0df13ba7d6d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156388
status: 200
date: Tue, 16 Jul 2019 22:20:58 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 29083
x-xss-protection: 0
server: sffe
etag: "e98416e757cc5eb1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:58 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame D225 4 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156427
status: 200
date: Tue, 16 Jul 2019 22:20:19 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:19 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame D225 42 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156429
status: 200
date: Tue, 16 Jul 2019 22:20:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:17 GMT

GET
DATA 200
OK truncated
/ Frame D225 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc92463807c8a65c3306c92a67a6f1b845bb552a75a1876512ef9a8ce85520f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 assistant_800_normal.ttf
tpc.googlesyndication.com/sadbundle/2030327263307847427/fonts/ Frame D225 76 KB
76 KB 41ms
16ms Font
application/octet-stream 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/2030327263307847427/fonts/assistant_800_normal.ttf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd753100a744cb309ef95207341ed36368a3692725b4cc793d21144c38a78cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 22 Jul 2019 07:46:18 GMT
x-content-type-options: nosniff
age: 690468
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 78120
x-xss-protection: 0
last-modified: Fri, 03 May 2019 06:41:14 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jul 2020 07:46:18 GMT

GET
H2 200 assistant_400_normal.ttf
tpc.googlesyndication.com/sadbundle/2030327263307847427/fonts/ Frame D225 74 KB
74 KB 32ms
7ms Font
application/octet-stream 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/2030327263307847427/fonts/assistant_400_normal.ttf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1adbd912ae27d038491f9db1c7e6a007b8043c4a1f423009a351b03258756453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Mon, 29 Jul 2019 11:39:17 GMT
x-content-type-options: nosniff
age: 71689
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 75424
x-xss-protection: 0
last-modified: Fri, 03 May 2019 06:41:14 GMT
server: sffe
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jul 2020 11:39:17 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 14D2 0
184 B 34ms
33ms Fetch
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEXLvIK6NbFc-H5lfueTpIhFGYO80Jno0tV3yp7RE9UpGeGtG5aCTfehuXfthvhQQbviMgZB3RCdV3I8Oy8axpMFsCyXv3xWtLmvRs66618d9o_uHQ_zQ7KWJiW9mBLYBJQLK8qYVrybuMFnyb_qRPvrZK0VptmCT3_WpLSF7roMSKSxrsuRcgHPoDvH8Q4gBiNe8bOmhSIUV42a5SLWoquVim79aQ0Z0vpJwt15oPmyH4Uc_yhMSo0p8yJRMJEGD4-7kuLeoqVuYoU64JT1UaGw4T4l3yFZLx&sig=Cg0ArKJSzHBRVhwdwTwjEAE&urlfix=1&adurl=

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 native-loader.js Show response
video.unrulymedia.com/native/ Frame 14D2 9 KB
4 KB 81ms
26ms Script
application/javascript 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native-loader.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e130156173f785d175362c1362c093df04449a3ce2f349139c03c5ef3055ab64

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:26:36 GMT
content-encoding: gzip
x-amz-expiration: expiry-date="Tue, 28 Jul 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Mon, 29 Jul 2019 16:04:23 GMT
server: AmazonS3
age: 452
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600
x-amz-cf-pop: FRA56
x-amz-cf-id: 4IbzsDvXvGQska0tcWL1UW4FhQwUBHjGzxSs28i9I01DdZuBFdILcg==
via: 1.1 5d4ff22febf83d261f03aa068f5bdc04.cloudfront.net (CloudFront)

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14D2 74 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c7843c865ce86df89f25dd5bf27952a970748b5a212827d6d3a5fcf237866a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1563967017806152"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28266
x-xss-protection: 0
expires: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame 4EB2 264 KB
72 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 469190
status: 200
date: Wed, 24 Jul 2019 21:14:16 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 23 Jul 2020 21:14:16 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 4EB2 13 KB
5 KB 16ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156408
status: 200
date: Tue, 16 Jul 2019 22:20:38 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:38 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 4EB2 143 KB
39 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156431
status: 200
date: Tue, 16 Jul 2019 22:20:15 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 4EB2 4 KB
1 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156427
status: 200
date: Tue, 16 Jul 2019 22:20:19 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:19 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 4EB2 42 KB
13 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156429
status: 200
date: Tue, 16 Jul 2019 22:20:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:17 GMT

GET
DATA 200
OK truncated
/ Frame 4EB2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 170c5ec3cac3fd68c6dda515e33d270ead0f315508c61eab348ba0671e3e2778

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8182667151366882520
tpc.googlesyndication.com/simgad/ Frame BC81 72 KB
72 KB 17ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8182667151366882520?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlCC8aMjTKifEZD1uZHTP6VLLC9hg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6726aef5bec70350f740724ab4eb4bfebe446b50fe7fed6afdbb43a6365ed6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 00:26:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2019 23:20:46 GMT
server: sffe
age: 25673
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 73484
x-xss-protection: 0
expires: Wed, 29 Jul 2020 00:26:13 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC81 2 KB
3 KB 14ms
4ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40710
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC81 295 B
409 B 12ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12949
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BC81 0
0 13ms
13ms Image
text/html 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBK-t6Z0hNjI9ab7MZr98y3_vH2Cqm6JkXaVUeX7yFRUsdOud2QVZyrxz5LcyqWBib6nce5V160EyBZH7swSwu3fzgvQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2

200

B21469107.249674974;dc_pre=CNn76MSQ3OMCFQon4AodBWkEsw;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame BC81
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_pre=CNn76MSQ3OMCFQon4AodBWkEsw;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag...

42 B
120 B

46ms
46ms

Image
image/gif

172.217.22.70
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_pre=CNn76MSQ3OMCFQon4AodBWkEsw;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.70 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f70.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B21469107.249674974;dc_pre=CNn76MSQ3OMCFQon4AodBWkEsw;dc_trk_aid=445853819;dc_trk_cid=103966409;ord=2631460523;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC81 0
0 36ms
36ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CghxH7fI_XdXhL9nC7gPmhabID4GAw9tX-Kzj7bsJ9eXlu48OEAEg2tfFOWCRhJ-FjBigAe_1jtsDyAEC4AIAqAMByAMIqgSqAk_QDLfni4o1TnRwpNOdvasA0rozZP029xrhAvxXDiLIzwR70MZzG3hgVE4d0Zf22MrISm5YFEtMwKhbSnSxA0XB9l_6NSj3iE72xG44082yyo_FWzBY1AU2L64BnUwu7kr6Nn9ypgCCGzKhZVjJLy-ESqRoLxmyZq0c8rnSTGD27HwT9Tq4V2uQoWVYw54uj9WYKpDKX4MJ7nbRzAbrZTb92jate_9yivliF8FV4nwRZEmBoiKxilnBCbAZ1R7rNACnj2uofeQeBIGfPuHiQh9UznaU_rfHno3SaHukzh7k2pCFIW-WUdofxUDAyWVD8gjaN-y8UPUGMiQeAlKIDvH8k8BcaXlC6TgrSXume2VQslRuzi5POLThTPVvsKH-siYw84hf88i9YIPABLLG2c2RAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeetpspqAeOzhuoB9XJG6gHwdMbqAeF1BuoB4HUG6gHgtQbqAeG1BuoB4TUG6gHk9gbqAfg0xuoB7oGqAfZyxuoB8_MG6gHpr4b2AcB8gcFEMbxnAHSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwo&sigh=VS5RpGeRLIU&tpd=AGWhJmsLW4wPhxHDWocFMKFMk720nYyJwx1SBl3gJiZmpQTjNw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 10522670064667738121
tpc.googlesyndication.com/daca_images/simgad/ Frame 31F4 8 KB
8 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10522670064667738121?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qnthKfqM_5h3qcYul0eKskK2-tE0w

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e801f2c4db8eb0c94de838e6637ec3d441aca3db8e9814327fc29dca830b29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 23 Jul 2019 14:02:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Sep 2018 23:12:15 GMT
server: sffe
age: 581473
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7990
x-xss-protection: 0
expires: Tue, 30 Jul 2019 14:02:53 GMT

GET
H2 200 13975253109379185289
tpc.googlesyndication.com/daca_images/simgad/ Frame 31F4 7 KB
8 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13975253109379185289?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qm_KUhx1lzAXUQvNYsak9pQtbE7Rg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ec410c7bbd9894ba40ac75e4cfb61c737d6cf3f2c7658d3d7e512f49438fce40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Thu, 25 Jul 2019 09:19:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Feb 2018 23:12:57 GMT
server: sffe
age: 425687
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7606
x-xss-protection: 0
expires: Thu, 01 Aug 2019 09:19:19 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 31F4 0
0 36ms
36ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsxnM7fI_XY3jL9nC7gPmhabID7XMjshXis6Ry-8Ir-b0_QgQASDa18U5YJGEn4WMGKAB9tnCogPIAQbgAgCoAwHIAwqqBKwCT9Dt-a_sSnFGN-X6nAo7glZVwkT3guKKs6PmfdCZFuk3_5ennd726nadnFf0F-VS5pZbx0YbBJJI7gWH6X6pZlU3Is7bkKr2-ujbZiT2svncFBWlkjOdlm68LWNtC-fGPZmiTl-tbigBHgtrQ0KHDAm9qGl-p1gCRWJOmsnrdW9FK4oUjiRyGe6S6OQk7lkxzDhUQE3BPcjJOaoR_LO1kmmrm7qBwGApq9e6rrqS5jBcd7cYgNuUu1xMuqcyeOnI6ZF3I5k3CW0KSGlZSlQVscIuHBI8vvxvDGC7uK4GKoT2Jx6yUP8yazN8ZYugJ51xTwYJQ2YNVo5Z9bAF5LT8zRKCfuVO93AYof_xYgDDhczuXBvVKnaw5rLwvmNJKJOsW7q_GuTRAR6b9cjFwASy8rijggLgBAGSBQQIBBgBkgUECAUYBKAGN4AH8qW9XagHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBDi6yvSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTE3NDIyNDk2MDMyODkwODOACgPYEwKIFAE&sigh=JVHpEzFkNvo&template_id=492&tpd=AGWhJmsU10TEqFCycAHWeVFHlfOLv4yMWkYDYxgxRzn9NJ1P9Q
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 31F4 0
0 13ms
13ms Image
text/html 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcX8wxjmLIc8peyclM97zRO3lvGUXi4m7YkVEdToBDfKC1GIHAxtQldamqM2o1nQ9mpxwQBN4Lj9nfP5DrtQ7C4g83NQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 31F4 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40710
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 31F4 295 B
363 B 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12949
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8780547454895469989/ Frame 25F7 17 KB
17 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8780547454895469989/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qm20iFyzHNXdHF_Kk1dPxWpaVWMJA

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

238ef2f3b6b0d96e1aea837ffee915e51b52f62d883ca664a5dba32f2b82c1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 18:02:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 22 Feb 2019 17:15:40 GMT
server: sffe
age: 135120
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 17499
x-xss-protection: 0
expires: Mon, 27 Jul 2020 18:02:06 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14106133660832875984/ Frame 25F7 17 KB
17 KB 9ms
8ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14106133660832875984/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qlDcsZyD4922SDzZ1pNjPC-tlcCYw

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

776361c247e87c9420e4c1e38d726a1bc4ad9c5863e473bc78ff304f409e70b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 19 Jun 2019 17:43:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 18 Feb 2019 14:35:54 GMT
server: sffe
age: 3505847
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 16924
x-xss-protection: 0
expires: Thu, 18 Jun 2020 17:43:19 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 25F7 0
0 35ms
34ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv-UN7fI_Xb_kL9nC7gPmhabID8io8s1Up7qfxoUJwI23ARABINrXxTlgkYSfhYwYoAGPlLOXA8gBBuACAKgDAcgDCqoEqAJP0F5LgGB0I_6GK5JXrz-sonlXjzQWa7HvOW4o0l61UwCu8nw9nMMunIKgyCvZcVoEtgZoZbfIY2bkCxdcXqko69eM0QFAWTpepCxZFRBGkVoKjoAQipKUeXBBdZSE99WvIitJO9NkrQ99nMvnycWz3RgnxNJdZ0yAkyQqWZwfwUfd4Qs_CoxZrsALNDjXZZO7HWl2C8BkeYxlYjsKtN5wmXRA84xVd_UhF-1uGCnb-p_POPVS5GxRSbPV9uFQZszbz0dPPTLijxKCBvzs2y3HZKjkR3Dv4H43GajbsOkNbn6WMQWo9EZP9e2P3G2IScnrRwKHJugL5f-6aaghz07XS8b5zR2tyCsljN563gVmkvMQEUGyMKf4ZqAc76WfnfGvh6BMX_v_isAEqKOt1OkB4AQBkgUECAQYAZIFBAgFGASgBjeAB9nrzGioB47OG6gH1ckbqAfB0xuoB4XUG6gHgdQbqAeC1BuoB4bUG6gHhNQbqAeT2BuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQisMM0ggJCIDhgBAQARgN8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoD2BMMiBQB&sigh=94sfEzqUlUk&template_id=492&tpd=AGWhJmvklB6sLclMEM64ixZMfuhyMX_AhuwFfrrwrz395zytvg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25F7 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40710
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 25F7 295 B
363 B 6ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12949
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D225 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40710
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D225 295 B
364 B 6ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12949
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D225 0
0 35ms
34ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClVKY7fI_Xe7lL9nC7gPmhabID6HuspxVl-iDw-MJv-EeEAEg2tfFOWCRhJ-FjBigAcKQ5_4DyAEJqQK7pveXerGyPuACAKgDAcgDCKoEpwJP0JtsuPDvJx8B5dqoyke6gSmApe41p-NYIT3XnYetT45Sk5khs1YJjZ_CazIodELc-k3lRIXOgo0M-MowOe3PYH72GsBH5V1iBlKZ5o0U0pMt7IeHFCijYwSH6YZEEtl7VKE3tpie82UUuceR4s8_j0y7JyO_sb7X67817mzkXvsX7J-g1-chz36C7E0D9FCf-Yy7c-UAXnITdYKezOYWLFe_kYitUqye751HU5tT5YqX4fDz0eBEE2M9z2AIYPGKD2LiGykxjZq-pCTGR799_q1aHT6emIpAnOy7W5I4LXTVW9mqpdcMnRI0ouF-lYMLi53efWMi6neYYz1LRnGIo9fifRYQfHYqJIibYSX6ZfFIlohAGbiwz4_FLUAEZzmWsTbwWzN14AQBoAYugAem75gBqAeOzhuoB9XJG6gHwdMbqAeF1BuoB4HUG6gHgtQbqAeG1BuoB4TUG6gHk9gbqAfg0xuoB7oGqAfZyxuoB8_MG6gHpr4b2AcA8gcEEOCjJ9IICQiA4YAQEAEYDfIIG2FkeC1zdWJzeW4tMTc0MjI0OTYwMzI4OTA4M4AKA9gTAw&sigh=NHPWpJX1Bf4&template_id=419&tpd=AGWhJmu6kYN7ZZrz6qq5knXNKwbZuoHPMO7jiIqBHrpepQsDcw
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 6aa1c930427f74f06116b82155096171.svg
tpc.googlesyndication.com/sadbundle/2030327263307847427/images/ Frame D225 4 KB
1 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2030327263307847427/images/6aa1c930427f74f06116b82155096171.svg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9bbb93becfaf11618f6b5e7e57065b2cee934f292f148084164c96384d57400c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79757
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1398
x-xss-protection: 0
last-modified: Fri, 03 May 2019 06:41:14 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jul 2020 09:24:49 GMT

GET
H2 200 0649dcc84eaee9589a6f1938750fc253.svg
tpc.googlesyndication.com/sadbundle/2030327263307847427/images/ Frame D225 75 KB
9 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/2030327263307847427/images/0649dcc84eaee9589a6f1938750fc253.svg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a8b34dc28ce0a145c66185626a442a1bb4211798f9189cd6d2d03968fb597ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 09:24:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79757
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9170
x-xss-protection: 0
last-modified: Fri, 03 May 2019 06:41:14 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jul 2020 09:24:49 GMT

GET
H2 200 10974894534753781211
tpc.googlesyndication.com/simgad/ Frame 4EB2 22 KB
22 KB 12ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10974894534753781211?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qktsQlHV5Sn-DUBOfft8vztQGjJjg

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9284fed2a0945fc8aeaeb05ed3859c3a8ccff16532a464c184798c3af52511dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Wed, 26 Jun 2019 18:11:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Nov 2016 02:14:10 GMT
server: sffe
age: 2899337
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 22585
x-xss-protection: 0
expires: Thu, 25 Jun 2020 18:11:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB2 2 KB
3 KB 10ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40710
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4EB2 295 B
363 B 11ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12949
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4EB2 0
0 33ms
33ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cf_d27fI_XYvnL9nC7gPmhabID6icwrBV2pmH--kH5tCGyJMMEAEgx4P8AWCRhJ-FjBigAa73mdIDyAECqQKNFsmHWXqpPuACAKgDAcgDCKoEugJP0BhYOdd6dHqaCAAEyD_ys9wHBjLy4rjauwg66gLmo7MCwnwlE-D2-CMiPnA7NCa985S334S8eK41QDZQmBoW-AuI3HlAg62OS5TdxQX6ceVbx6bBGQv1qRDKNZWW3otgvQVxz84FEogiyG1LNVMAJcekMu6jw7v7QfAPSQS5Z1VQImgNG8GOXrY_WQSbLvaAsbw734Mex6kjjtHBPLOK2QQOM-PAq60qxJQfCi8FYvxNhO5w8nTdgFL-SIrdCN_I1al5r0p3p_rCQOVp9OFBMAA1JiL_uBW_BPCwVmEd0ATfrSJr0PTlNmYN2M6ZbzqpUW5af3vmIdJdEyG5IF3T9FKyi051rJxmVWnxbIzXb3Yk9bCWRYKVnI3YOeykBaX4JldxXqHpAtKdpQcO_66x80QJdwpA4hkeV8AEm7qL0IAC4AQBkgUECAQYAZIFBAgFGASgBgKAB7qI5i2oB47OG6gH1ckbqAfB0xuoB4XUG6gHgdQbqAeC1BuoB4bUG6gHhNQbqAeT2BuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQgf0H0ggJCIDhgBAQARgNgAoB2BMM&sigh=DqvYeB1ChHk&tpd=AGWhJmvG12vtuZ9laIWXGpP_dPh11amxLh0knbtdpNKO7tc_8w
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 31F4 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 540536
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 31F4 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 540494
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25F7 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 540536
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 25F7 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.bleepingcomputer.com

Response headers

date: Wed, 24 Jul 2019 01:25:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 540494
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Thu, 23 Jul 2020 01:25:52 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 31F4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 25F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BC81
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4EB2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
38ms

Image
text/html

2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Jul 2019 07:34:06 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0

POST
H2 200 /
www.facebook.com/tr/ Frame 05FF 0
0 6ms
5ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 5223
pragma: no-cache
cache-control: no-cache
origin: https://www.bleepingcomputer.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Origin: https://www.bleepingcomputer.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Tue, 30 Jul 2019 07:34:06 GMT

GET
H2 200 et_v1.0.1474-0-g168d541.js Show response
video.unrulymedia.com/native/ Frame A7D6 3 KB
2 KB 3137ms
53ms Script
application/javascript 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/et_v1.0.1474-0-g168d541.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee210e725e00ee2955ed72f7992280e2d666307f34a74b6414f436a8278c05fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 23 Jul 2019 10:53:28 GMT
content-encoding: gzip
age: 592842
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 22 Jul 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Tue, 23 Jul 2019 10:42:50 GMT
server: AmazonS3
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56
x-amz-cf-id: oMYDVx3DDLd2qx79NWlLy_OgwAO-GZMIyb2myWcjt5z0nHLE4OBZgg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame A7D6 85 KB
30 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 09 Jul 2019 05:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1820614
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jul 2020 05:50:32 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame 14D2 43 B
568 B 3198ms
32ms Image
image/gif 34.245.32.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_tag_imp&app=native&pid=1101818&id=259626805&d=1564472046596&in_iframe=true&h=v1.0.1474-0-g168d541&compat=BackCompat&pageLoadId=430926963&supplyMode=direct&unr.site.env=html&ts=2019-07-30T07%253A34%253A06.596-%252B02%253A00
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.245.32.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-245-32-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:09 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-052.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
DATA 200
OK truncated
/ Frame 14D2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1ab3e3c98db306c39e93b14624964ccd429f98e74b94270a44d48499bf93b9c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
527 B 2498ms
114ms XHR
text/plain 35.226.36.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 37dcbfb212154d6404a1cd3505af3f82760e3f93aeca968f82a2f164131bf333

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:09 GMT
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET av
connatix-d.openx.net/v/1.0/ Frame A5B4 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H2 200 v2 Show response
i.connectad.io/api/ 97 B
393 B 362ms
362ms XHR
application/json 2606:4700:10::6814:8428
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fdd50e4ff0e93fbb9a548cc8abfd507a2dbaa8dde24c10979c22b33b3651321

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Jul 2019 07:34:07 GMT
content-encoding: gzip
content-type: application/json
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 4fe5a5f4dc85c2ef-FRA
alt-svc: clear
via: 1.1 google

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

OPTIONS v1
dmx.districtm.io/b/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 21ms
21ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: ca241ad74ce2aa30f97af61a0c9dba5f18f0f32bc673571f602a151a1b73b973

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:06 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

GET imp
g2.gumgum.com/hbid/ 0
0

GET arj
freestar-d.openx.net/w/1.0/ 0
0

POST prebid_display
display.bfmio.com/ 0
0

POST hb
ssc.33across.com/api/v1/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
10 KB 398ms
397ms XHR
text/javascript 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

685203db849acf0776e5b1b9d2ecc0e69e903f0d1a932534d35c72ccf14b4740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 30 Jul 2019 07:34:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10432
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
527 B 2115ms
114ms XHR
text/plain 35.226.36.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: 8fa136132a4904c56f6c7a2192fc7c2342b7b78ecbfa6955db3afd21b3a57ced

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:09 GMT
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011907152257550/ Frame 7328 264 KB
72 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 688687
status: 200
date: Mon, 22 Jul 2019 08:16:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 73152
x-xss-protection: 0
server: sffe
etag: "2fc936ce1d2a88a9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Tue, 21 Jul 2020 08:16:00 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 7328 13 KB
5 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156409
status: 200
date: Tue, 16 Jul 2019 22:20:38 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4933
x-xss-protection: 0
server: sffe
etag: "cc7e30e629c50a82"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:38 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 7328 143 KB
39 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156432
status: 200
date: Tue, 16 Jul 2019 22:20:15 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 39866
x-xss-protection: 0
server: sffe
etag: "ff7d3066921af2b0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 7328 4 KB
2 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156415
status: 200
date: Tue, 16 Jul 2019 22:20:32 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1469
x-xss-protection: 0
server: sffe
etag: "b4f3648926108a92"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:32 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011907152257550/v0/ Frame 7328 42 KB
13 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011907152257550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 1156430
status: 200
date: Tue, 16 Jul 2019 22:20:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13586
x-xss-protection: 0
server: sffe
etag: "e4f63fbb021b9939"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 15 Jul 2020 22:20:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7328 2 KB
3 KB 16ms
0ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Mon, 29 Jul 2019 20:15:36 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 40711
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Jul 2019 20:15:36 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7328 295 B
369 B 24ms
5ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019072601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 03:58:17 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 12950
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Wed, 31 Jul 2019 03:58:17 GMT

GET
DATA 200
OK truncated
/ Frame 7328 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 986b47a25b7424eeec6171e98adcf76cc2787e8d68a114c203092ecb35ff8d5e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8124215049869959943
tpc.googlesyndication.com/simgad/ Frame 7328 61 KB
61 KB 16ms
7ms Image
image/gif 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8124215049869959943

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

19283cb6fa9e5a044248afeb6114aa886ae422c62aa060e2dbfe70b1437b8499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 05:30:07 GMT
x-content-type-options: nosniff
age: 3981840
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 62808
x-xss-protection: 0
last-modified: Thu, 05 Apr 2018 11:07:19 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jun 2020 05:30:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7328 0
0 22ms
13ms Image
text/html 2a00:1450:4001:809::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSx_qfgCoWSXdfB0rkKgN0jnrqxS8SNOM7vOmN1HWWC49GP2sMXhCQ2hLk4KvmFbowwCCzUK05siFEYdrBI-0hAVd-0lQ
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7328 0
0 36ms
35ms Image
text/html 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbayp7vI_XYLAPNPB7gOK9YO4DuvahLRN-MTAsZgJivz8ytkNEAEg2tfFOWCRhJ-FjBigAauQ8-wDyAED4AIAqAMByAMIqgSqAk_QIWhzoSFc1qqr5QK6OSMrat645HiMm2ivr1nqvDMgyN_T917T2c29XeieBAZLccDdVyipZDMF2__Kl3OJ2lo-UVa9My3VdnLlyCf9Pu8N7Qg6ONioKzDu4jqxivtkKqrdWQ2SqOd_W1Md0vIZiz7v9gL9lmxXQCAHSPePjvIRSf7Z61cMzwkj5zqRNClru_1tjm3ZWl0r0seggV8td9mAq8WVUCj3_eMykn3hKcnrbUoKrwt9xIl11-4ap7rIqCHagIfsriijudZur9rG5M6UCX9mosvss7_tntmR2j3ej8Au1QSStRiKANLvIqkAB1a-vMRa_7GxMCibhOWEjcHX2nFKr1DLjjpGDZabIcwAAMVCHsUcAk2VeCidavjo1Ohggkx_TyC9oWnABP_HmbZI4AQBkgUECAQYAZIFBAgFGASgBgOAB73vjBOoB47OG6gH1ckbqAfB0xuoB4XUG6gHgdQbqAeC1BuoB4bUG6gHhNQbqAeT2BuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQ2vRE0ggJCIDhgBAQARgN8ggbYWR4LXN1YnN5bi0xNzQyMjQ5NjAzMjg5MDgzgAoD2BMC&sigh=fuOLLQIun7I&tpd=AGWhJmt6KPJkJLHnH3wViQ1tLLiV7YcO9hDGQQTAQZbkajeF5A
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/201907111452/ 27 KB
11 KB 25ms
25ms Script
application/javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201907111452/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/dvS98IKwDukcG6gPDYBBcCk9sKY/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 093e652297b69857db5c1255537f54ce10075c66214f6c1545f9c49a923f779e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:07 GMT
Content-Encoding: gzip
Age: 344
X-Cache: HIT
Connection: keep-alive
Content-Length: 10258
x-amz-id-2: k7SPFO3syyo2tG0EJkFvk5HnYXqj21N3hQ1qxHBHwTcNg6cYC3La089xIZwFVX3ICQqwT8gTLAE=
X-Served-By: cache-hhn4075-HHN
Last-Modified: Thu, 11 Jul 2019 19:41:51 GMT
Server: AmazonS3
X-Timer: S1564472048.589282,VS0,VE0
ETag: "60a75141b2057bc2a378286742d0cef0"
x-amz-request-id: 00C2C4F4D9EBEBAA
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 62

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 31F4 42 B
110 B 34ms
33ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsue3oeJMVVWLQ4n6Jk4p-G9Uv7AbhZeKZs2FhkzveJLNs076WeQVEUr0824yBdFCWyhWEWLyfRyGAN7zRZjD7wfWX3Ru3A7Gk6L2wHtcIsTyhxfYdejgJj8B5b6ARTvVnDcyGRJsVvNRYyd&sai=AMfl-YRQIMPS1HIa1QNwAws7U9ERR4_iZVtswLFh2yTwv6dn0pAMMygwGMIqh3pDwvROV9i3vHUk63uyFD1m19ZtFpW8sPMgCHsItWL2hUlr9hiN7cqXUy83ckVpEUg&sig=Cg0ArKJSzC76DZ-YA6_pEAE&cid=CAASF-RohiW4UeGOCcO72oLc2-86KOoTaya9&id=ampim&o=1082,327&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=229&tls=1230&g=100&h=100&pt=354&tt=1230&rpt=354&rst=1564472046293&r=v&adk=771041174&avms=ampa

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:07 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
527 B 1725ms
114ms XHR
text/plain 35.226.36.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e20160fa121107856236580b0562a41f8e95cfe360ac218aeb32ee97b8c8e07e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:09 GMT
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7328 42 B
110 B 33ms
31ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGyB8OfSsC22Id_vtyuL8Ev-199J0GYJ76c6T5AzCY0QebaoMzIhd6iQaMXlqMREjTWgnuYinCzKK4a_WqhsLIzkYFuTWajkZVArUXcWOj3b9cEUR7tA&sai=AMfl-YSWXGEZNFYqnQ8Odppve8Z_nQ90Kue_kA_bAD-cujUOZMWsQB_XMy8Qj0C-DPJCDm6zpqyhUDOEj-mfMidD-y-yRB2y5WffC1eFKxwa0o7sGjwRJPvC-EH-KQo&sig=Cg0ArKJSzHr8_GWi35NOEAE&cid=CAASF-RogiKvusYTs8P6gzCHZGCR8ox3xtRk&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=47&tls=1047&g=100&h=100&pt=89&tt=1047&rpt=89&rst=1564472047351&r=v&adk=3056404191&avms=ampa

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

302

av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4
Redirect Chain

https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8...
https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f7...

0
-1 B

58ms
22ms

XHR

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 30 Jul 2019 07:34:08 GMT
via: 1.1 google
server: OXGW/16.147.4
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

Redirect headers

date: Tue, 30 Jul 2019 07:34:08 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 302
location: https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f71f6e8f017e1564472048633&vwd=834&vht=470&gdpr=1&gdpr_consent=0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

302

pixel Show response
cm.g.doubleclick.net/ Frame A5B4
Redirect Chain

https://connatix-d.openx.net/v/1.0/av?cc=1&auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=58c030f4f7...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
-1 B

34ms
34ms

XHR
text/xml

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:08 GMT
via: 1.1 google
server: OXGW/16.147.4
access-control-allow-origin: https://www.bleepingcomputer.com
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p: CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
status: 302
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:08 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
p3p: CP="CUR ADM OUR NOR STA NID", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET

sd
us-u.openx.net/w/1.0/ Frame A5B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJFpa6tkiLkXeEPfv7Gvkkc&google_cver=1

0
0

GET
H2 200 native_v1.0.1474-0-g168d541.js Show response
video.unrulymedia.com/native/ Frame A7D6 55 KB
16 KB 36ms
36ms Script
application/javascript 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/native_v1.0.1474-0-g168d541.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native-loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07b941f642e950c24af740351192105cb27751806903b77bf0382f4841cf607e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 23 Jul 2019 10:53:30 GMT
content-encoding: gzip
age: 592840
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 22 Jul 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Tue, 23 Jul 2019 10:42:48 GMT
server: AmazonS3
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56
x-amz-cf-id: cdxX_QKc68ukJFSm8KMBUL_H7nuyjzQri1dr4gGGiYuwa0jOJo6--A==

GET
H2 200 skin-1101818.json Show response
video.unrulymedia.com/native/skins/ Frame A7D6 347 B
941 B 27ms
27ms XHR
application/json 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/skins/skin-1101818.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 05 May 2019 07:02:13 GMT
via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1899
x-cache: Hit from cloudfront
status: 200
content-length: 347
x-amz-expiration: expiry-date="Sat, 02 May 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Fri, 03 May 2019 20:45:43 GMT
server: AmazonS3
etag: "09362ea19ef8bf59029394bda9399b2f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56
accept-ranges: bytes
x-amz-cf-id: XrcBi0hp0LgxkYN_XVxqRC7i6Qy4qenUnjD1IjTGa-r10eMwT2Y9wg==

GET
H2 200 third-party-iframes.html
video.unrulymedia.com/iframes/ Frame 8597 0
0 27ms
26ms Document
text/html 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/iframes/third-party-iframes.html?h=v1.0.1474-0-g168d541&siteId=1101818
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/201907111452/wrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: video.unrulymedia.com
:scheme: https
:path: /iframes/third-party-iframes.html?h=v1.0.1474-0-g168d541&siteId=1101818
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
content-type: text/html
content-length: 466
date: Tue, 30 Jul 2019 07:02:15 GMT
last-modified: Mon, 29 Jul 2019 16:04:26 GMT
x-amz-expiration: expiry-date="Tue, 28 Jul 2026 00:00:00 GMT", rule-id="Delete after 7 years"
etag: "d2f8954ed14c305a2737b85ad225ef52"
cache-control: max-age=600
accept-ranges: bytes
server: AmazonS3
age: 233
x-cache: Hit from cloudfront
via: 1.1 5d4ff22febf83d261f03aa068f5bdc04.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56
x-amz-cf-id: cqSS2jFZqud-99LtaV-5uKWjxbg7m42AtgSjyR-ffELzL95M_7DePw==

GET
H2 200 chunk-vendors~populatePlacement-465c44968aea1f318a35.js Show response
video.unrulymedia.com/native/chunks/ Frame A7D6 111 KB
30 KB 37ms
37ms Script
application/javascript 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-vendors~populatePlacement-465c44968aea1f318a35.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1474-0-g168d541.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df6180c4d7f87eef7309332e901e4d3d4619d1ceb038050ee3fdf8bedb5bf44d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Thu, 13 Jun 2019 07:05:30 GMT
content-encoding: gzip
age: 4062520
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 11 Jun 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Wed, 12 Jun 2019 14:49:12 GMT
server: AmazonS3
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56
x-amz-cf-id: bY5-FMjDhy1XdZmKsHuuXJUBXOdoKrA9DWa9L5MDPTOx5jN0ZyH6vA==

GET
H2 200 chunk-populatePlacement-537d1e3953755f8e4a41.js Show response
video.unrulymedia.com/native/chunks/ Frame A7D6 81 KB
22 KB 59ms
59ms Script
application/javascript 13.32.145.147
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-537d1e3953755f8e4a41.js
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/native_v1.0.1474-0-g168d541.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.145.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-145-147.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ebf9f0cdb73ad1929e8820521c6e4a80e4fb2685950643b7effbb260819500

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

date: Tue, 23 Jul 2019 10:54:30 GMT
content-encoding: gzip
age: 592779
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 22 Jul 2026 00:00:00 GMT", rule-id="Delete after 7 years"
last-modified: Tue, 23 Jul 2019 10:42:52 GMT
server: AmazonS3
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: max-age=63072000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56
x-amz-cf-id: K4BF0PcEooYOrVe5Am9WVVmP9yyV9rEPjkn4gXCKo248SYYg_2GCkA==

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
234 B 45ms
45ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=7bebb7845f77f00166201564472049838&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:09 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 32ms
31ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=a318461b09b1c8cd16261564472049902&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:09 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame A7D6 43 B
568 B 87ms
32ms Image
image/gif 34.245.32.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=pp_adcall&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&site.domain=www.bleepingcomputer.com&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&app=native&pid=1101818&isMobile=false&pageLoadId=430926963&unr.site.env=html&ts=2019-07-30T07%253A34%253A09.955-%252B02%253A00&perf_consent_start=1564472049803&perf_corejs_start=1564472046595&perf_corejs_end=1564472049803&perf_skin_start=1564472049804&perf_skin_end=1564472049834&perf_adAge_start=1564472049952&id=259626805&d=1564472049956&h=v1.0.1474-0-g168d541
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.245.32.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-245-32-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:10 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-052.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 204 2.2 Show response
targeting.unrulymedia.com/openrtb/ Frame A7D6 0
324 B 7388ms
169ms Fetch 54.154.11.177
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/openrtb/2.2?uuid=2e4df11b-0c63-4b2b-88bf-2b5b7002021d&site.page=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&site.domain=www.bleepingcomputer.com&video_width=834&video_height=469&allowDisplay=false&imp%5B0%5D.placement=3&unr.site.env=html&h=v1.0.1474-0-g168d541
Requested by: Host: video.unrulymedia.com
URL: https://video.unrulymedia.com/native/chunks/chunk-populatePlacement-537d1e3953755f8e4a41.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.11.177 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-11-177.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

status: 204
date: Tue, 30 Jul 2019 07:34:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com
x-unruly-server: c7-unrulyx-eu-76f2.unrulymedia.com
p3p: CP="CUR IVDo OUR IND"

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 32ms
31ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=94b94c48008b6319e4581564472049965&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:09 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 33ms
32ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=f7369dc81af78cde40081564472050003&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 34ms
34ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=02b34d35c685c28bb5a91564472050042&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 44ms
44ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193949&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=5e97c3974c69b14fe54a1564472050083&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 36 B
344 B 115ms
114ms XHR
text/plain 35.226.36.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e20160fa121107856236580b0562a41f8e95cfe360ac218aeb32ee97b8c8e07e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Tue, 30 Jul 2019 07:34:10 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 35ms
34ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193965&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=bd62148f618efbac8c891564472050137&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 31ms
29ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193960&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=800682ab3441047f7efc1564472050185&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 av Show response
connatix-d.openx.net/v/1.0/ Frame A5B4 48 B
231 B 32ms
31ms XHR
text/xml 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://connatix-d.openx.net/v/1.0/av?auid=540193964&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=e3356ccb2ee3e003dff91564472050229&vwd=834&vht=470&gdpr=1&gdpr_consent=0
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.147.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Origin: https://www.bleepingcomputer.com

Response headers

pragma: no-cache
date: Tue, 30 Jul 2019 07:34:10 GMT
via: 1.1 google
server: OXGW/16.147.4
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 48
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame D708 0
0 29ms
21ms Document
text/html 2606:4700:10::6814:8428
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d2803168a0f7d20a385606c8312d3b0261564472046; uid=Ib92QvKK0AYEYl7wPbyaUQPjwm9EC89xoFggdkQ4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:12 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: HIT
age: 6329
expires: Tue, 30 Jul 2019 15:34:12 GMT
cache-control: public, max-age=28800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4fe5a61a5813c2ef-FRA
content-encoding: gzip

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F073 0
0 2354ms
23ms Document
text/html 151.101.13.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Tue, 30 Jul 2019 07:34:15 GMT
Age: 30923542
Connection: keep-alive
X-Served-By: cache-jfk8141-JFK, cache-fra19176-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1389064, 2922518
X-Timer: S1564472055.187828,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

sync
eb2.3lift.com/ Frame 8C72
Redirect Chain

https://ib.3lift.com/sync?
https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

27ms
26ms

Document
text/html

35.157.5.82
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.5.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-5-82.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: tluid=17508775206465255894
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:16 GMT
content-type: text/html; charset=utf-8
content-length: 538
set-cookie: sync=CgoI4gEQ-7e0jsQtCgkIcxD7t7SOxC0KCgjmARD7t7SOxC0KCQgJEPu3tI7ELQoKCKkBEPu3tI7ELQoJCDoQ-7e0jsQtCgoIvQEQ-7e0jsQtCgoIjgEQ-7e0jsQtCgkIHxD7t7SOxC0KCQhfEPu3tI7ELQ==; Max-Age=7776000; Expires=Mon, 28 Oct 2019 07:34:16 GMT; Path=/sync; Domain=.3lift.com tluid=17508775206465255894; Max-Age=7776000; Expires=Mon, 28 Oct 2019 07:34:16 GMT; Path=/; Domain=.3lift.com
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Tue, 30 Jul 2019 07:34:16 GMT
content-length: 0
set-cookie: tluid=17508775206465255894; Max-Age=7776000; Expires=Mon, 28 Oct 2019 07:34:16 GMT; Path=/; Domain=.3lift.com
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 5C33 0
0 2812ms
19ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.149.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: i=62dde394-eb14-04cf-1e02-61ef84ab1f64|1564472048; v=1; pd=v2|1564472048|gu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
vary: Accept
set-cookie: i=62dde394-eb14-04cf-1e02-61ef84ab1f64|1564472048; Version=1; Expires=Wed, 29-Jul-2020 07:34:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1564472048.7|gu.mWkifciymOgi; Version=1; Expires=Wed, 14-Aug-2019 07:34:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.149.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 30 Jul 2019 07:34:15 GMT
content-type: text/html
content-encoding: gzip

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 00A6 0
0 2837ms
23ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 25 Jul 2019 17:34:18 GMT
Content-Encoding: gzip
Content-Length: 7676
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=55011
Expires: Tue, 30 Jul 2019 22:51:06 GMT
Date: Tue, 30 Jul 2019 07:34:15 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame BABE 0
0 130ms
100ms Document
text/html 2606:4700::6812:1bef
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:12 GMT
content-type: text/html
set-cookie: __cfduid=d9be359784f415fa4ffd60f2bab3e9a551564472052; expires=Wed, 29-Jul-20 07:34:12 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
cache-control: s-maxage=1209600, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fe5a61a8fb563cb-FRA
content-encoding: br

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 672E 0
0 2366ms
22ms Document
text/html 151.101.13.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Tue, 30 Jul 2019 07:34:15 GMT
Age: 30923542
Connection: keep-alive
X-Served-By: cache-jfk8141-JFK, cache-fra19176-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1389064, 2922519
X-Timer: S1564472055.212009,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php
cdn.connectad.io/ Frame FA1E 0
0 16ms
16ms Document
text/html 2606:4700:10::6814:8428
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8428 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.connectad.io
:scheme: https
:path: /connectmyusers.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d2803168a0f7d20a385606c8312d3b0261564472046; uid=Ib92QvKK0AYEYl7wPbyaUQPjwm9EC89xoFggdkQ4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:12 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: HIT
age: 6329
expires: Tue, 30 Jul 2019 15:34:12 GMT
cache-control: public, max-age=28800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4fe5a61a5839c2ef-FRA
content-encoding: gzip

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame BC98 0
0 122ms
99ms Document
text/html 2606:4700::6812:1bef
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.districtm.io/ids/index.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1bef , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
date: Tue, 30 Jul 2019 07:34:12 GMT
content-type: text/html
set-cookie: __cfduid=d9be359784f415fa4ffd60f2bab3e9a551564472052; expires=Wed, 29-Jul-20 07:34:12 GMT; path=/; domain=.districtm.io; HttpOnly
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
cache-control: s-maxage=1209600, max-age=14400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fe5a61a8fba63cb-FRA
content-encoding: br

GET
H2 200 v2
de.tynt.com/deb/ Frame 8E26 0
0 1342ms
108ms Document
text/html 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
cache-control: max-age=86400
expires: Wed, 31 Jul 2019 07:34:14 GMT
content-type: text/html
content-length: 75
date: Tue, 30 Jul 2019 07:34:13 GMT
p3p: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H2 200 v2
de.tynt.com/deb/ Frame BFF8 0
0 1342ms
109ms Document
text/html 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
cache-control: max-age=86400
expires: Wed, 31 Jul 2019 07:34:14 GMT
content-type: text/html
content-length: 75
date: Tue, 30 Jul 2019 07:34:14 GMT
p3p: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H/1.1 200 Cookie set sync_iframe
sync.bfmio.com/ Frame 6439 0
0 7702ms
97ms Document
text/html 34.199.195.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.195.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-195-7.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Tue, 30 Jul 2019 07:34:25 GMT
Set-Cookie: __io_cid=660a4cdd71e9b0e8387ab8aeeaf10d81a59f4708; Domain=.bfmio.com; Expires=Wed, 29-Jul-2020 07:34:26 GMT; Path=/
Content-Length: 217
Connection: keep-alive

GET
H/1.1 200
OK Cookie set check.html
biddr.brealtime.com/ Frame DE4A 0
0 18639ms
21ms Document
text/html 104.17.120.107
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Date: Tue, 30 Jul 2019 07:34:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=daaa0914727ba3844c55492ff907efad81564472071; expires=Wed, 29-Jul-20 07:34:31 GMT; path=/; domain=.brealtime.com; HttpOnly
x-amz-id-2: avkWHamSa/erPUleuk0LWmMdY13rHAUH9XtVYo0zn6Ug6D/WocMJevI/iMkGH//Hs1TrOgDrcJs=
x-amz-request-id: 41EC72810F7ED8D6
x-amz-meta-origin-date-iso8601: 2019-05-30T19:14:20.000Z
Last-Modified: Thu, 30 May 2019 19:21:30 GMT
CF-Cache-Status: HIT
Age: 3363
Expires: Tue, 30 Jul 2019 07:35:31 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4fe5a68edd88d919-AMS
Content-Encoding: gzip

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6057 0
0 2376ms
22ms Document
text/html 151.101.13.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Tue, 30 Jul 2019 07:34:15 GMT
Age: 30923542
Connection: keep-alive
X-Served-By: cache-jfk8141-JFK, cache-fra19176-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1389064, 2922520
X-Timer: S1564472055.235941,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame C1C7 0
0 2785ms
18ms Document
text/html 173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.149.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: i=62dde394-eb14-04cf-1e02-61ef84ab1f64|1564472048; v=1; pd=v2|1564472048|gu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
vary: Accept
set-cookie: i=62dde394-eb14-04cf-1e02-61ef84ab1f64|1564472048; Version=1; Expires=Wed, 29-Jul-2020 07:34:15 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1564472048.7|gu.mWkifciymOgi; Version=1; Expires=Wed, 14-Aug-2019 07:34:15 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.149.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 30 Jul 2019 07:34:15 GMT
content-type: text/html
content-encoding: gzip

GET
H2 200 v2
de.tynt.com/deb/ Frame 59CC 0
0 1327ms
107ms Document
text/html 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=bBb-SI6fGr6iocaKkv7mNO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
cache-control: max-age=86400
expires: Wed, 31 Jul 2019 07:34:14 GMT
content-type: text/html
content-length: 75
date: Tue, 30 Jul 2019 07:34:13 GMT
p3p: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H2 200 v2
de.tynt.com/deb/ Frame F189 0
0 1328ms
110ms Document
text/html 208.100.17.186
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/v2?m=xch&rt=html&id=ddRMkSZxSr6lrlaKkv7mNO
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
cache-control: max-age=86400
expires: Wed, 31 Jul 2019 07:34:14 GMT
content-type: text/html
content-length: 75
date: Tue, 30 Jul 2019 07:34:13 GMT
p3p: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 47F8 0
0 2386ms
22ms Document
text/html 151.101.13.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Tue, 30 Jul 2019 07:34:15 GMT
Age: 30923542
Connection: keep-alive
X-Served-By: cache-jfk8141-JFK, cache-fra19176-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1389064, 2922521
X-Timer: S1564472055.258738,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200 Cookie set sync_iframe
sync.bfmio.com/ Frame 2D4E 0
0 7781ms
96ms Document
text/html 34.199.195.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=92fd6b68-fe21-44c5-bce8-6f519808339c&gdpr=0&gc=&gce=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-1.33.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.195.7 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-195-7.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Host: sync.bfmio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

Access-Control-Allow-Origin: *
Content-Type: text/html
Date: Tue, 30 Jul 2019 07:34:25 GMT
Set-Cookie: __io_cid=88dd61290b25b9859314aff13e4ba84b6c2b3563; Domain=.bfmio.com; Expires=Wed, 29-Jul-2020 07:34:26 GMT; Path=/
Content-Length: 217
Connection: keep-alive

GET /
edba.brealtime.com/ 0
0

GET
H2 200 checksync.php
hbx.media.net/ Frame C6D1 0
0 31ms
30ms Document
text/html 23.210.250.97
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bxl.js?cid=8CUFH1GPH&dn=www.bleepingcomputer.com&version=&https=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.97 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-250-97.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: hbx.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUFH1GPH&prvid=56%2C70%2C77%2C80%2C82%2C97%2C99%2C109%2C111%2C112%2C113%2C139%2C154%2C157%2C159%2C175%2C178%2C10000&https=1&gdpr=1&gdprconsent=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
accept-encoding: gzip, deflate, br
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Fri, 31 Jan 2020 07:34:13 GMT; domain=.media.net; Path=/; visitor-id=2074736530711901000V10; Expires=Wed, 29 Jul 2020 07:34:13 GMT; domain=.media.net; Path=/;
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=27882
expires: Tue, 30 Jul 2019 15:18:55 GMT
date: Tue, 30 Jul 2019 07:34:13 GMT
content-length: 6518

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 191 B
336 B 1610ms
134ms Script
text/plain 52.200.29.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&c_ivt=0&connatix_sess=bqHDAhvHNxSHA1_yom-q8Q2_b66FIm7DUErWQ0CZZVpBGX-Q2oHOBcm-HVCbwb-hXrLt56-E_m4Jgd24Bz7cnc-dMfUt7VoE33UhCOW8rbnO2uAuelrs6yaQJ6ciSeHBL6k9JB5WX3eASYDDmA3VjSqD-iJwIVSD6rf1RX2eFbYKqMn9_Dx1X6PIOTo5GxJi&notServed=false&xplr=true&c_s=false&c_pl=4fVDcPSYlbqC233G0M3kB8taQuOLG6rLNvSOpp8COavmWY8BITptdmq0s-ewvhERCA0oeyipqPPNxFC6VNPhyKeBwDcD6Oj5Jqbj0a6iF1jVU7vZcHgOMNbXn8c-8mxiGQhUpjMkLvHSbQFbfE69MwIL7kcrRUaE0ILWaq-Y0Mz0FQcvrx4tQxtJcviUsZim1Y2mDtqBun6-QX4qb5HALx-VmGfAmEbPaVnDhiQLNdE&gdpr=1&med_id=639404&request_guid=626c4505cb5264685b501564472054485&req_no=1&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-de&c_v=1625_0_1_0_0&spp=1&callback=cnxJSONP_67aa0dbc3c8eba7a5be51564472054485
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.29.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-29-29.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 6a8a7c5f6dc90fe30a293ca4f33201d6419f542edb61249f22984b090237d858

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Jul 2019 07:34:16 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 157

GET
H/1.1 200
OK blank.gif
stats3.unrulymedia.com/ Frame A7D6 43 B
456 B 34ms
33ms Image
image/gif 34.245.32.91
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats3.unrulymedia.com/blank.gif?t=no_ads&placementName=bleepingcomputer.com%20-%20In-Article&adf=inarticle&imp%5B0%5D.placement=3&supplyMode=direct&message=Empty%20VAST%20Response&app=native&pid=1101818&isMobile=false&pageLoadId=430926963&unr.site.env=html&ts=2019-07-30T07%253A34%253A17.357-%252B02%253A00&perf_consent_start=1564472049803&perf_corejs_start=1564472046595&perf_corejs_end=1564472049803&perf_skin_start=1564472049804&perf_skin_end=1564472049834&perf_adAge_start=1564472049952&perf_vast_0_start=1564472049960&id=259626805&d=1564472057358&h=v1.0.1474-0-g168d541
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 34.245.32.91 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-245-32-91.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Tue, 30 Jul 2019 07:34:17 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.4.2
X-Unruly-Server: stats3n-eu-052.unrulymedia.com
P3P: CP="CUR IVDo OUR IND"
Cache-Control: no-store,no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 131 B
313 B 138ms
137ms Script
text/plain 52.200.29.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&c_ivt=0&connatix_sess=bqHDAhvHNxSHA1_yom-q8Q2_b66FIm7DUErWQ0CZZVpBGX-Q2oHOBcm-HVCbwb-hXrLt56-E_m4Jgd24Bz7cnc-dMfUt7VoE33UhCOW8rbnO2uAuelrs6yaQJ6ciSeHBL6k9JB5WX3eASYDDmA3VjSqD-iJwIVSD6rf1RX2eFbYKqMn9_Dx1X6PIOTo5GxJi&notServed=false&xplr=true&c_s=false&c_pl=4fVDcPSYlbqC233G0M3kB8taQuOLG6rLNvSOpp8COavmWY8BITptdmq0s-ewvhERCA0oeyipqPPNxFC6VNPhyKeBwDcD6Oj5Jqbj0a6iF1jVU7vZcHgOMNbXn8c-8mxiGQhUpjMkLvHSbQFbfE69MwIL7kcrRUaE0ILWaq-Y0Mz0FQcvrx4tQxtJcviUsZim1Y2mDtqBun6-QX4qb5HALx-VmGfAmEbPaVnDhiQLNdE&gdpr=1&med_id=639404&request_guid=1e5890e006c38e43ced21564472069524&req_no=2&v=1&c_pt=1&c_f=[{id:11731,r:2,i:0,fpb:[]},{id:11857,r:2,i:0,fpb:[]},{id:11858,r:2,i:0,fpb:[]},{id:11860,r:2,i:0,fpb:[]},{id:12388,r:2,i:0,fpb:[]},{id:12389,r:2,i:0,fpb:[]},{id:12393,r:2,i:0,fpb:[]},{id:12427,r:2,i:0,fpb:[]},{id:12555,r:2,i:0,fpb:[]},{id:12556,r:2,i:0,fpb:[]},{id:12516,r:2,i:0,fpb:[]},{id:12517,r:2,i:0,fpb:[]},{id:12518,r:2,i:0,fpb:[]},{id:13586,r:2,i:0,fpb:[]},{id:13588,r:2,i:0,fpb:[]},{id:13706,r:2,i:0,fpb:[]},{id:13707,r:2,i:0,fpb:[]}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-de&c_v=1625_0_1_0_0&spp=1&callback=cnxJSONP_315e5250f18a816f83ea1564472069525
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1625/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.29.29 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-200-29-29.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: c501937f03c1e1a5a0050b20e811f39fd164e9090dc6f74d565e97c8f5296433

Request headers

Referer: https://www.bleepingcomputer.com/news/security/new-trickbot-version-focuses-on-microsofts-windows-defender/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 30 Jul 2019 07:34:29 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 134

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connatix-d.openx.net
URL: https://connatix-d.openx.net/v/1.0/av?auid=540193942&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=aaa0291321bb2e5cca3d1564472044467&vwd=834&vht=469&gdpr=1&gdpr_consent=0

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?t=zztu1szx&pi=2&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14290&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=28a928a6a69badd&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=29c2585ce114074&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=30083862c6915a1&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=318e2bbc8897cf3&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=323e8db9713c482&placement_key=wDH8n844o8J5LF7qDwHQ7sj5&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=3395c6004ac0bbd&placement_key=L7rKdgz52e7UZ4fMkwkYmaxf&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=346073bb9670ae5&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=356b0cfb3d72744&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=3674ef74ff2063e&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=377b406ec947ddc&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=3870da30feea5a&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=39d2ee27b2e8f8a&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=4011d20b67cc9a&placement_key=GrVComq83JzCSLK1pi9waoyR&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=4194b72eaf16c7c&placement_key=Ggh1aXSgpQAvBpkxoyAsBJPd&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=425a2a3bbe9eb9c&placement_key=DSthphoQqH66AkQXPDoXn74b&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=43e60ed85127543&placement_key=Y2PwNBba8FyKXESSc72DFF25&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/header-bid/v1?bidId=442b30a12e2839d&placement_key=Kwm6ycRx3Uk3CYRoM3xEqtjr&hbVersion=1.32.0&strVersion=3.0.1&hbSource=prebid&consent_required=false&

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=3b9d5865-8f0d-4ada-bca7-3ae0e5b3e72b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1386741028802232

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=70f691e3-ec7a-4471-9246-e3dfa12b559f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3923402785231531

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=44696aa8-abb6-42c6-b9cf-8b5419464c46&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.05511787995848416

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=148ebfd9-f3d2-46b8-9005-3d5735dcafc8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1521330236543621

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=9a8426fd-352d-45f1-944b-1f89f4377e6d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.030388377216867157

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=d0782626-f9d9-4bfe-88b7-47a4e444f896&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2715272180346813

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: display.bfmio.com
URL: https://display.bfmio.com/prebid_display

Domain: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=3b9d5865-8f0d-4ada-bca7-3ae0e5b3e72b%2C70f691e3-ec7a-4471-9246-e3dfa12b559f%2C44696aa8-abb6-42c6-b9cf-8b5419464c46%2C148ebfd9-f3d2-46b8-9005-3d5735dcafc8%2C9a8426fd-352d-45f1-944b-1f89f4377e6d%2Cd0782626-f9d9-4bfe-88b7-47a4e444f896&nocache=1564472045635&x_gdpr_f=1&pubcid=d1af8cfa-1cb0-432e-933d-cf7f5501be95&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=539181725%2C539181725%2C539181725%2C539181725%2C539181725%2C539181725&

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=1.32.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tmax=1200

Domain: hb.emxdgt.com
URL: https://hb.emxdgt.com/?t=1200&ts=1564472045638

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Domain: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js

Domain: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/beacon.js

Domain: s.ntv.io
URL: https://s.ntv.io/serve/load.js

Domain: connatix-d.openx.net
URL: https://connatix-d.openx.net/v/1.0/av?auid=540193947&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&cb=41d086e7a7ec29a00e891564472046600&vwd=834&vht=470&gdpr=1&gdpr_consent=0

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55&p_pos=unknown&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&tk_flint=pbjs_lite_v1.32.0&x_source.tid=1391dad4-5481-4525-ac7c-2d77f939bdd1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6999068111742839

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14287&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: g2.gumgum.com
URL: https://g2.gumgum.com/hbid/imp?si=14288&pi=3&gdprApplies=undefined&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&

Domain: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-trickbot-version-focuses-on-microsofts-windows-defender%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.5&dddid=1391dad4-5481-4525-ac7c-2d77f939bdd1&nocache=1564472046854&x_gdpr_f=1&pubcid=d1af8cfa-1cb0-432e-933d-cf7f5501be95&aus=728x90%2C970x90&divIds=bleepingcomputer_970x90_728x90_320x50_sticky&auid=539181725&

Domain: display.bfmio.com
URL: https://display.bfmio.com/prebid_display

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ssc.33across.com
URL: https://ssc.33across.com/api/v1/hb

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJFpa6tkiLkXeEPfv7Gvkkc&google_cver=1

Domain: edba.brealtime.com
URL: https://edba.brealtime.com/

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v23/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 13) Message: Video gallery initializing
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550
console-api	info	URL: https://cdn.ampproject.org/rtv/011907152257550/amp4ads-v0.js(Line 542) Message: Powered by AMP ⚡ HTML – Version 1907152257550

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn.ampproject.org
cdn.connatix.com
cdn.connectad.io
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
confiant-integrations.global.ssl.fastly.net
connatix-d.openx.net
connect.facebook.net
core.connatix.com
cse.google.com
d.pub.network
de.tynt.com
display.bfmio.com
dmx.districtm.io
eb2.3lift.com
edba.brealtime.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
graph.facebook.com
hb.emxdgt.com
hbx.media.net
i.connatix.com
i.connectad.io
ib.3lift.com
ib.adnxs.com
pagead2.googlesyndication.com
privacy-api-gateway.quantcast.com
quantcast.mgr.consensu.org
rtb.connatix.com
s.ntv.io
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
static.quantcast.mgr.consensu.org
stats3.unrulymedia.com
sync.bfmio.com
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
u.openx.net
us-u.openx.net
v1.addthisedge.com
video.unrulymedia.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
btlr.sharethrough.com
c.amazon-adsystem.com
connatix-d.openx.net
display.bfmio.com
dmx.districtm.io
edba.brealtime.com
fastlane.rubiconproject.com
freestar-d.openx.net
g2.gumgum.com
hb.emxdgt.com
ib.adnxs.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
ssc.33across.com
tlx.3lift.com
tpc.googlesyndication.com
us-u.openx.net
104.109.78.125
104.17.120.107
104.20.60.209
104.24.0.61
13.32.145.147
13.32.158.114
13.32.158.123
13.32.158.159
13.32.158.181
13.32.158.208
13.32.158.226
13.32.221.209
151.101.113.194
151.101.13.108
151.101.13.140
172.217.22.70
172.217.23.162
173.241.240.143
18.207.76.63
2.18.232.15
208.100.17.186
23.210.250.97
23.22.162.56
2600:9000:20bb:3e00:9:46dc:4700:93a1
2600:9000:20bb:4c00:9:46dc:4700:93a1
2606:4700:10::6814:8428
2606:4700:20::6819:bf72
2606:4700::6812:1bef
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:809::2004
2a00:1450:4001:817::200e
2a00:1450:4001:819::2001
2a00:1450:4001:819::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81f::2002
2a00:1450:4001:825::200a
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::645
2a04:4e42:3::645
34.195.70.133
34.199.195.7
34.245.32.91
34.95.120.147
35.157.5.82
35.188.71.214
35.226.36.58
52.200.29.29
54.154.11.177
0401552f2a8baada175f687c202716b22ae97a18ac9f8f10ac8579b23e222b8e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07b941f642e950c24af740351192105cb27751806903b77bf0382f4841cf607e
0891f85ccd1c9db593424b9838b0c2500e71ad92ebbd5d060d6331d9b2483518
093e652297b69857db5c1255537f54ce10075c66214f6c1545f9c49a923f779e
0bc92463807c8a65c3306c92a67a6f1b845bb552a75a1876512ef9a8ce85520f
0c435e09612018a22500e8ed7cbe02eeeaae7c98ca1501f7ab0e3b2175bc7302
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
170c5ec3cac3fd68c6dda515e33d270ead0f315508c61eab348ba0671e3e2778
19283cb6fa9e5a044248afeb6114aa886ae422c62aa060e2dbfe70b1437b8499
197a9c26e969604e977626f4724b03758916685d54e4018706da7e96e4fb07a5
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1adbd912ae27d038491f9db1c7e6a007b8043c4a1f423009a351b03258756453
1e54551a0a5fe7187f1a58cf37f18699248a8a6d7b6c39d98ee6ee9c09473a8e
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
238ef2f3b6b0d96e1aea837ffee915e51b52f62d883ca664a5dba32f2b82c1f1
27b4a8972a40ca7aaa04c89393fda09453c51a926ad9d234c489fc3c9418f954
2824ad2d0c13770e07cfac4e49b7bccafd3afc9a2a2b05972bd5cd640c59b1d3
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
356bfe696c4953e3315bb5e3f945ca48d7d718007ef7e9f903716b56018dbe32
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
371e60eaea3df0bf53403a81ca0d49fad4e0c08dca679cf6a85300da15bf3208
37dcbfb212154d6404a1cd3505af3f82760e3f93aeca968f82a2f164131bf333
391f3da7f65ac83416f1319ddfca7c315be8abde245867c297a4d6c78e3ca1ab
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3cc33b181548975ffd31f93f480a1aa3125bcbadee399c8e1f58bfce2bd792d1
3f527e649e761d31f85afd319f141782718ada9c499585da7d11c36a8963fa11
46f054a5c98b253c46ff84547ce118625668349700a0730724df4bb25bcf5f78
4a6ac1e8519aa132772c1f732514d4a2cbcd2143a90710b7656bc23024b4c85c
4bb3aaeb6bd2ba6d6c88f1497a5b86b2dba5ed0a39dcdbe82ee94dd06990e146
4e656b00aee730e6a7b7988247614f8de9700b158bd7c8f666185086183d53d2
4e81d17c86282c2452bb5c896599ebf07a95f5c277dcbbb5292c6709ccf0deb9
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
52c076a4a2dcc234393575563406598546bf30e0f521560aa78e8c7952977499
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
559ddd5af0665c44301056fab0b8c66153cb6a380314f41a6dd7fc541ae4d2ad
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e801f2c4db8eb0c94de838e6637ec3d441aca3db8e9814327fc29dca830b29f
5fe405e64b42b49a5813c2c7b8e48ccf290310c5eb351d2b15966856d1a2f06e
5ffdc58a711cdf4e31ee083584d6a7861b723c89d19470e1351ea1be7ddc9d08
61cb7a1fefe87904c7b02aa16c88d4b42805526d63f9d20f2f797380713e4577
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
66e0f9a747bdd042fb9d01000d611034c4bdd2351cadb25fda445defec19c603
6726aef5bec70350f740724ab4eb4bfebe446b50fe7fed6afdbb43a6365ed6fa
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f6ff539de92fdceb2afebcd32af8a3db2970d5ad82d8a718ddfa4331c45e3c
681e69ba98efde182514479b508744ac7e593b9e5c06ac31ad14797b208c06d3
685203db849acf0776e5b1b9d2ecc0e69e903f0d1a932534d35c72ccf14b4740
68b75f0a3232f50354a1c56dfa31821dc2e39ff14b01cd96f8b1f979677efade
6a8a7c5f6dc90fe30a293ca4f33201d6419f542edb61249f22984b090237d858
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ea9f4eb20123baf3a45b682a96b511a5e00bcadb4e6f01b6df892993750dbe3
714298b6251bc9f6bb390cb871a096ea383abf7e5928a9438c23291768c1dbbb
776361c247e87c9420e4c1e38d726a1bc4ad9c5863e473bc78ff304f409e70b3
77c1c49f6ae3ec59f2e2926b800050a54dac4c2b0449c5fbc585ace16f57ee52
781c5596f9a65325ecfa652e4fe12760d429b1cf3070be38eb5d42ce6d83eb6d
78d68f656ce9ccf337f68fb8efe09021c4b5dd752f54ea822ebc0df13ba7d6d1
78f691e75f646934e03afc71e5695dfa6bce3179cd75d1c4f8daf5898c4ddecd
7969ff920d3a575faf02dcb6f341e27d6d13b3ba52f1762d9c4083ddfa820a06
7a8b34dc28ce0a145c66185626a442a1bb4211798f9189cd6d2d03968fb597ca
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7e9edd4ec2318eb025e01ea67a4f6f3b75bd173bdb32a0dcf9a37f893169baec
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fdd50e4ff0e93fbb9a548cc8abfd507a2dbaa8dde24c10979c22b33b3651321
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
828dee36e1cad92793c92ca76c25a8786f85e1a6a30966932406ec46103d1da1
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
82f3d77276cf01fe491779f356613120b9e2cea8d70193a752cbf10c7996a9f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8d9c3e3cfba892b2954a9c28ec67162355632750aa8b45d55323b04bc29ae61b
8dd753100a744cb309ef95207341ed36368a3692725b4cc793d21144c38a78cc
8eb95bcbc154530931e15fc418c8b1fe991095671409552099ea1aa596999ede
8f6688cfa3f8e278cf30958e738af35ed967d4d9b47f8f8dc363f922a04b8022
8fa136132a4904c56f6c7a2192fc7c2342b7b78ecbfa6955db3afd21b3a57ced
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9284fed2a0945fc8aeaeb05ed3859c3a8ccff16532a464c184798c3af52511dd
9737768746f590e294399babcefe90db3b079779b4fabd64a9f348b5aa1e7e92
982f3a34f5f84bbdd6b6449c87aa9ee3cfbdb54d66d591f41f8d94f4ec422a79
986b47a25b7424eeec6171e98adcf76cc2787e8d68a114c203092ecb35ff8d5e
9b3d54d3263fbe240684c9619180be1a3583ceebb22310d9376e9205eda59558
9bbb93becfaf11618f6b5e7e57065b2cee934f292f148084164c96384d57400c
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9db8799c8383641b18aaeb987074ecd580a81e9766d5128b998474996f0485f1
9e220f799ed1b3036d63ce02b5ffa4482994d526522821b4771b404e0ba08a32
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a6d4ea4e2f95dcd77bc3acb8408f8ed9c2d9453aeafef8af9387b04e6c9a8ff9
aaa73509b44d09f9af09c497bb99d57433e8ae896ff36b50cacab6f9359f3051
b1ebf9f0cdb73ad1929e8820521c6e4a80e4fb2685950643b7effbb260819500
b209f7533db1b9935ef33700a2406ef791192036379be67d85a554a19f550d49
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b3f0cf3618bc701038fbf1d26c6832a9fb0674f9e18935ffe36f70245bdface3
b5df829641918379bb2af2f108c0291b991228b15262272613a43ff8f3716850
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b870c2ac68a0695e7d2216307d9dd43dafdf18f121cd350fa659b0d10243b5fa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c4b6859d770f27ea1f0933c56b235e93c67acd2f8a6ba74659608e3831c96591
c501937f03c1e1a5a0050b20e811f39fd164e9090dc6f74d565e97c8f5296433
c7843c865ce86df89f25dd5bf27952a970748b5a212827d6d3a5fcf237866a3d
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
ca241ad74ce2aa30f97af61a0c9dba5f18f0f32bc673571f602a151a1b73b973
cba926ea1ca2ad743c154e0dbd06a804ce1a62ac74dfd6247a3b42142972a175
cbeea4a919f5c330ef718804a166e4d784b99841cc3d5e96859ba3fc1e1d1850
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d229886fc63edf6b95865ad6a9e90b589ca7585d2203bc61b69f73f61f746830
d4a073a70d3952ed18099835ff0004142b08d9b1a995d6991a63d323dea4fdd8
d5e4440c13ee4404761d8e1abbe3684e4ea4a036bcb82b7f03e65aa6fe4c8e84
d6d408ceb31cfae3d3d87971b82e522a331aa2eb042a793223b7ec19e419c564
d6f4770b6db189a7cb7357a07984b9eb0ae0caca9892bcf36b52b9456d25d46f
daaa5e1ebe38092e80bc7375a758764b4339437e0105eafba6524f86f8f3e2f7
db76ea1e164f349fc5078dbf67563dc394441d086825046b5670c6778fade9b0
df6180c4d7f87eef7309332e901e4d3d4619d1ceb038050ee3fdf8bedb5bf44d
dfa0fa699e3f4c42bc3b826288970bb930201db50917c3b64d44371db81a71ad
e130156173f785d175362c1362c093df04449a3ce2f349139c03c5ef3055ab64
e1ab3e3c98db306c39e93b14624964ccd429f98e74b94270a44d48499bf93b9c
e20160fa121107856236580b0562a41f8e95cfe360ac218aeb32ee97b8c8e07e
e28ab550c0ea1f71cc178fced9f39e36e65d44d948bd278fc2e7562710ae3c28
e30fcf77b1e245e0efca3b6aae9837c822deca516dcdf2d2db4da35012b7e96b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
ec410c7bbd9894ba40ac75e4cfb61c737d6cf3f2c7658d3d7e512f49438fce40
eccbddaa87bff2bb2d9697571fcccc9be778f8c17dafb4a1dfcbc0e999fd558b
ed00038fea1a22fc58d84d63bcdf3d7fe772d8c6f58a81c989d2f72f1d702ebd
ee210e725e00ee2955ed72f7992280e2d666307f34a74b6414f436a8278c05fe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f65a5163f65db06a6da4f9e0df34e8039f9dddbc71c514c78c5ef94a8a8a418f
f8bcf7007fb92dc3ea21b999ff73f52344091d2f56782ff0d537b23ea5bb2f7c
f9278e008fc4edcd157a9a7b3f5dfbd75c167f405d11296e19c313dc5d052cc2
ffd88402bd7da213453634115d1872431f2ff6132e2a7c6aa38644606b3de809

www.bleepingcomputer.com Open in urlscan Pro 104.20.60.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

312 Requests

78 %HTTPS

41 %IPv6

45 Domains

77 Subdomains

54 IPs

6 Countries

3507 kBTransfer

9442 kBSize

0 Cookies

14 Outgoing links

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.60.209 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

78 %
HTTPS

41 %
IPv6

45
Domains

77
Subdomains

54
IPs

6
Countries

3507 kB
Transfer

9442 kB
Size

0
Cookies

312 HTTP transactions
13 data transactions