www.zdnet.com Open in urlscan Pro
2a04:4e42:3::444 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/E4v3YKq1aj
Effective URL:
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Submission: On November 17 via api (November 17th 2020, 6:34:48 pm UTC) from US

Summary HTTP 198 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 30 domains to perform 198 HTTP transactions. The main IP is 2a04:4e42:3::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 1	67.199.248.13 67.199.248.13	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 18	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
14	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:181::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:1:c... 2600:1901:1:c36::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.188 151.101.193.188	54113 (FASTLY) (FASTLY)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
21	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
1 3	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
37	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
22	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	34.251.197.102 34.251.197.102	16509 (AMAZON-02) (AMAZON-02)
2	99.80.114.7 99.80.114.7	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	23.55.110.17 23.55.110.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.55.110.31 23.55.110.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.28.196.64 52.28.196.64	16509 (AMAZON-02) (AMAZON-02)
3	2.16.177.50 2.16.177.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:31:... 2a04:4e42:31::444	54113 (FASTLY) (FASTLY)
2	65.9.96.26 65.9.96.26	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.93.101 13.224.93.101	16509 (AMAZON-02) (AMAZON-02)
8	3.227.69.189 3.227.69.189	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	3.126.224.165 3.126.224.165	16509 (AMAZON-02) (AMAZON-02)
1	13.224.93.102 13.224.93.102	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
2	52.200.8.120 52.200.8.120	14618 (AMAZON-AES) (AMAZON-AES)
198	39

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.13 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com

zd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42:3::444 (Ascension Island) 1 redirects

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmg1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:181::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)

open.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f38.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d872043b835698be376806abe9914757.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.197.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-197-102.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.114.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-114-7.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

684dd307.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.110.17 (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-55-110-17.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.110.31 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-55-110-31.deploy.static.akamaitechnologies.com

kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.196.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-196-64.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.177.50 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-50.deploy.static.akamaitechnologies.com

clipcentric-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:31::444 (Ascension Island)

ASN54113 (FASTLY, US)

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.96.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-101.zrh50.r.cloudfront.net

ad.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.227.69.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-69-189.compute-1.amazonaws.com

tr.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.224.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-224-165.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-102.zrh50.r.cloudfront.net

static.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (Ascension Island)

ASN54113 (FASTLY, US)

str-assets.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.8.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-8-120.compute-1.amazonaws.com

b.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cbsistatic.com zdnet3.cbsistatic.com zdnet1.cbsistatic.com cmg1.cbsistatic.com zdnet2.cbsistatic.com zdnet4.cbsistatic.com	552 KB
26	googlesyndication.com f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com d872043b835698be376806abe9914757.safeframe.googlesyndication.com	337 KB
25	doubleclick.net 1 redirects securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	270 KB
22	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	829 KB
18	moatpixel.com cbsdfp5832910442.s.moatpixel.com	4 KB
10	ampproject.org cdn.ampproject.org	193 KB
10	googletagservices.com www.googletagservices.com	273 KB
9	clipcentric.com ad.clipcentric.com tr.clipcentric.com	1 KB
7	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net clipcentric-a.akamaihd.net	69 KB
6	sharethrough.com native.sharethrough.com btlr.sharethrough.com static.sharethrough.com b.sharethrough.com	169 KB
6	cookielaw.org cdn.cookielaw.org	106 KB
6	zdnet.com 1 redirects www.zdnet.com urs.zdnet.com	265 KB
5	google.com 1 redirects adservice.google.com www.google.com	341 B
4	cbsi.com at.cbsi.com rev.cbsi.com	9 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	116 KB
3	go-mpulse.net c.go-mpulse.net	53 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	akstat.io 684dd307.akstat.io	708 B
1	imgix.net str-assets.imgix.net	2 KB
1	google.de adservice.google.de	169 B
1	googleapis.com fonts.googleapis.com	680 B
1	summerhamster.com www.summerhamster.com	182 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	280 KB
1	google.fr adservice.google.fr	169 B
1	onetrust.com geolocation.onetrust.com	355 B
1	spotify.com open.spotify.com
1	zd.net 1 redirects zd.net	305 B
1	t.co t.co	365 B
198	30

	Domain	Requested by
21	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net t.co www.zdnet.com www.googletagservices.com
18	cbsdfp5832910442.s.moatpixel.com
16	tpc.googlesyndication.com	www.zdnet.com securepubads.g.doubleclick.net tpc.googlesyndication.com cdn.ampproject.org
11	px.moatads.com	www.zdnet.com
10	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
10	www.googletagservices.com	t.co securepubads.g.doubleclick.net rev.cbsi.com
9	zdnet2.cbsistatic.com	www.zdnet.com zdnet1.cbsistatic.com zdnet3.cbsistatic.com
8	tr.clipcentric.com	www.zdnet.com
8	z.moatads.com	zdnet3.cbsistatic.com t.co securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
7	zdnet1.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com
7	zdnet3.cbsistatic.com	www.zdnet.com zdnet3.cbsistatic.com zdnet2.cbsistatic.com
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
5	www.zdnet.com	1 redirects t.co zdnet3.cbsistatic.com www.zdnet.com
3	www.google.com	1 redirects www.zdnet.com
3	clipcentric-a.akamaihd.net	t.co www.zdnet.com
3	zdnet4.cbsistatic.com	zdnet2.cbsistatic.com zdnet3.cbsistatic.com
3	ad.doubleclick.net	1 redirects www.zdnet.com
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
2	b.sharethrough.com
2	fonts.gstatic.com	fonts.googleapis.com
2	native.sharethrough.com	t.co confiant-integrations.global.ssl.fastly.net
2	rev.cbsi.com	t.co
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	684dd307.akstat.io	zdnet1.cbsistatic.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	at.cbsi.com	zdnet3.cbsistatic.com
1	str-assets.imgix.net	www.zdnet.com
1	static.sharethrough.com	www.zdnet.com
1	d872043b835698be376806abe9914757.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	btlr.sharethrough.com	native.sharethrough.com
1	googleads.g.doubleclick.net
1	ad.clipcentric.com	clipcentric-a.akamaihd.net
1	fonts.googleapis.com	confiant-integrations.global.ssl.fastly.net
1	www.summerhamster.com
1	fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	js-agent.newrelic.com	www.zdnet.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	mb.moatads.com	z.moatads.com
1	adservice.google.fr	securepubads.g.doubleclick.net
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	open.spotify.com	www.zdnet.com
1	cmg1.cbsistatic.com	www.zdnet.com
1	zd.net	1 redirects
1	t.co
198	53

This site contains links to these domains. Also see Links.

Domain
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
krebsonsecurity.com
us-cert.cisa.gov
gist.github.com
www.reuters.com
www.ncsc.gov.uk
www.cyber.gov.au
www.youtube.com
www.cnet.com
redventures.com
www.facebook.com
twitter.com
www.linkedin.com
narratives.zdnet.com
privacyportal.onetrust.com
cbsi.secure.force.com
academy.zdnet.com
onetrust.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.spotify.com DigiCert SHA2 Secure Server CA	`2020-06-23` - `2021-09-02`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google.fr GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-23` - `2021-05-07`	6 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
aka.clipcentric.com Let's Encrypt Authority X3	`2020-09-26` - `2020-12-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
rev.cbsi.com DigiCert SHA2 High Assurance Server CA	`2020-04-22` - `2022-04-27`	2 years	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
clipcentric.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-06` - `2021-08-07`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Frame ID: 102EE4ABB80DE6EC9950CAE8307603F0
Requests: 109 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: FAB91520A50091B7500A0FEECD241288
Requests: 4 HTTP requests in this frame

Frame: https://open.spotify.com/embed-podcast/episode/7Cu2KXWjzqamgiwY2ihAfD
Frame ID: 4EE6CAC00C11F6CD5D131FB49F9CED4A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpOMr2iBqwhcLu1d4SVIQajBiOZvWvJqB0y5fZsCv4LSoAa5P4kStitAf5f7ZtCxrpMAHVyaZHzHVnmQ6YCO__zqwlyaIrUSFt44xCJFUr2vNREHQiCXav87PQHngwmYEmzCUEdhsh1hMOfStrjHsAaEG4kpOtlH-FLXLMlxzpTw9qJ-6F8AsGzh7BzNgDr7vpcQQAErgSlWyXpx85kyBdf-qppFqmse0d2eshPxXDmF7ar_v2pxRW7DsEGQvqSrd6KCtr2jIObw0dQg&sig=Cg0ArKJSzLiQNlwLCPOZEAE&urlfix=1&adurl=
Frame ID: A26290B36229CFF9903C48BEDBF55092
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 76DFFC52241C304690B43F80D9753813
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucI15hBxw_subKAPYmaxgZyh9qsbbDzHMsTGEnhXSBd16s3IlXAKWiq-6_aBhe9jHj7pqJ7qd5q65VPefURhr941uLrEPSzyHeJbNxRhWYKjJANjDDNwzIRuM9fXeZg47EqlfWgNmPRO8i_rbp4ZfdFVojw6GRRQ_M9qhwqAhUoHGD0_UfW1kYMI-uAJS1casuTPh-AngdkesxMkCMywS4ENlcDlf_3zH_ll-bmBQ07bpHf3iW0D0n-XCUGe-4JJYDuliQ35c7IoGVaw&sig=Cg0ArKJSzMl86rU9lRooEAE&urlfix=1&adurl=
Frame ID: 8D5CB17B8B9D3E43B1D75D3928BD86F6
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: A9A3DDB1741F56B2E79E45C44D79ACDC
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpQZf1IXdd94pqeOihwWCjYSs9mnIUBivclFQsv1ZxWWJfJSTYuX6jI-ykvNMztHX-VcgNczINbTL3nKjKGm48vqsQyIDmLM-ELJc9Utc4fAb4K5oJlnYKojmclrf8Z2RONZmGKeAWb33lo5syfePtmMcXktVfAYZUcMI2rd5paJdu6GuoMR3Hy7PhJ8QUaKyiAtOx9EUQkQeJGoE0FWlawoW90gwVkY5kS-tGskG-wTaPDGgo6vwYwQKQTuDN9VT-1HDluOET&sig=Cg0ArKJSzLEnAh_-JXIlEAE&urlfix=1&adurl=
Frame ID: DF808204D8BBF00589396F3BDDD8BDEF
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD8Jd09-28QTuqQd0WUZsRP5jH_Piic8i7Gt5_D7Ol5uRo4XyJEWW2tBbxUYzQxj63WoQ2Bm7qXmX8zzju7d1R8Iw8SaOZjxOfiT9D0HBEz1vlkvfHdqcLaqAnE5u8l8fx_UiuUhAkcOqM2bM32kUxKLcfodQH3S2NVih0l8LbezCQBxkQAeRZ3VFCoDxNZEUAHay-H1ueHmpRr-Ep39i_23s7zibCP3PNP9nePCWyWjDN5ik3pBJuFF_piqBbeqsZEHGMErqdOOqCOA&sig=Cg0ArKJSzEWp2u0EdRa3EAE&urlfix=1&adurl=
Frame ID: 89B6F8EF240D6728C7F0BF93A74A0269
Requests: 6 HTTP requests in this frame

Frame: https://f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F924E580B5AA839D4E78D0A7DC708972
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1C3keC15GFurteTuGh7omw4rUNrg1WdBXAyZO-UaEknQXwCO1RxQUcJio8Y-kqFFmD0tDYsiM3nW-HDE8MIbSPbuzJ1n6XKGsdd0ucz5vUcds5Ccmf-XgC5-1MRRmmZghItqCF6GhuBBeZQc_tSFI2PzP_drtNUIuXJpGzkDuI-q39lCMjlle01CrxLlyCgvKz0SBSfgXEbQ6JTVGAwW2NfXlthcrecr7d00oSPXbb4CBt-7AbMGCD7QnXveiUjjuZmGLGnuw&sig=Cg0ArKJSzC6nCzwl2iXNEAE&urlfix=1&adurl=
Frame ID: A6AD2A7E0B3C30759A3A7A87FE3E690E
Requests: 4 HTTP requests in this frame

Frame: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Frame ID: 39866CE54E41795B74E4BA18D4856134
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 150622F315A3FADF6E49795A1CC37B72
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: F1546F39DD97C4AC3D3630164A8B756E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstifYrsQt0YAGrpxfFr8lPEaJOcjVH4wF6_RNIXAwgNn6EnfELcf7N-wNK0P_BGSmlTz6X-K5Te3N9x-upSoA-P2qUF2ZEbA0o5z8rZIeP3B2rzlPbZ8MiCYmjaAY7YBWbLxlwA9RkrL121vumJLC2GAfvNkHN4l45Utx-qag5r3ICz4Wp7GP9AEdHwi5IaXFXI7FK0T505MG0MZjavxY5hODUdYvvLPQWbogB9cWWx8q7jdxmaRzNLw2ysUhrvt1ww0dT9TPEb&sig=Cg0ArKJSzB-YcbZNVtOiEAE&urlfix=1&adurl=
Frame ID: 867D04A8983391F1E5A382090B3B94E8
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMaleXt4_yWuYPYnjYjH17r5HeuwDz8TEQm9kFQwQJrAaM_4EtQz27uUsT8lChIpOmek0uuIlKCykqKF4dFzpDURan_wH01z6GPl7pOFa-VflY7UQgfNPh4skMTLW0K19M28Lr5C0TkqtiknEBueMnAo-N9UnIin4ZroR3Igh3GPHzek4Jq1qUm23wIOYAl8MMIJU3HSEr-jIx7WNdn9Un8e1xGKHEq-eHMnpxG5tXQtPolsHCHX2EaMUaAMpLWaTellQkADIX&sig=Cg0ArKJSzPc3HrzpG-9aEAE&urlfix=1&adurl=
Frame ID: 47C72F826EDDEA26CB464C4211054DAC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 973267E0095FBE42723448543C12E4FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/E4v3YKq1aj Page URL
https://zd.net/3n803IZ HTTP 301
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hos... HTTP 301
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hos... Page URL

Page Statistics

198
Requests

100 %
HTTPS

48 %
IPv6

30
Domains

53
Subdomains

39
IPs

5
Countries

3571 kB
Transfer

10145 kB
Size

14
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/downloads/security-awareness-and-training-policy/?ftag=CMG-01-10aaa1b
Title: Security Awareness and Training policy

Search URL Search Domain Scan URL

URL: https://krebsonsecurity.com/2020/10/fbi-dhs-hhs-warn-of-imminent-credible-ransomware-threat-against-u-s-hospitals/
Title: according to krebsonsecurity.com

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa20-302a
Title: CISA said in the alert

Search URL Search Domain Scan URL

URL: https://gist.github.com/aaronst/6aa7f61246f53a8dd4befea86e832456
Title: today released a set of indicators of compromise

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/us-usa-healthcare-cyber/fbi-probes-string-of-recent-ransomware-attacks-on-us-hospitals-idUSKBN27D35U
Title: reports

Search URL Search Domain Scan URL

URL: https://www.ncsc.gov.uk/news/ryuk-advisory
Title: warned British businesses about Ryuk ransomware attacks

Search URL Search Domain Scan URL

URL: https://www.cyber.gov.au/acsc/view-all-content/advisories/advisory-2020-017-resumption-emotet-malware-campaign
Title: the ACSC wrote in its alert

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=1eOEoNIlYi0&t=13s
Title: Lessons cybersecurity teams need to learn from hackers to beat them at their own game (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/top-cheap-home-security-devices-in-2020-amazon-echo-smart-cam-wyze/?ftag=CMG-01-10aaa1b
Title: Top 6 cheap home security devices in 2020 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/cybersecurity-best-practices-an-open-letter-to-end-users/?ftag=CMG-01-10aaa1b
Title: Cybersecurity best practices: An open letter to end users (TechRepublic)

Search URL Search Domain Scan URL

URL: https://redventures.com/CMG-terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://redventures.com/privacy-policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/79ba7c84-ebc2-4740-8d11-bf1cc4501e59/ae88e03f-2b16-4276-9980-27124ba4b2c1
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/E4v3YKq1aj Page URL
https://zd.net/3n803IZ HTTP 301
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals?es_p=12945819 HTTP 301
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pwzxv5qtq HTTP 302
https://kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 71

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pwzxv5qtq HTTP 302
https://fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 77

https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_pre=CImGtfebiu0CFYn4dwodZXAC_w;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

198 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 E4v3YKq1aj Show response
t.co/ 221 B
365 B 146ms
146ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/E4v3YKq1aj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9134a191c170e5812281354ac99696427919091074235e13cc4d251b6bf3145

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /E4v3YKq1aj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 175
content-type: text/html; charset=utf-8
date: Tue, 17 Nov 2020 18:34:30 GMT
expires: Tue, 17 Nov 2020 18:39:30 GMT
server: tsa_o
set-cookie: muc=1c8b2af7-9b35-4ea9-a768-1763732d8c3e; Max-Age=63072000; Expires=Thu, 17 Nov 2022 18:34:30 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: e0be27f1576838186822015aa81a8366
x-response-time: 116
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/
Redirect Chain

https://zd.net/3n803IZ
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals?es_p=12945819
https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

516 KB
149 KB

224ms
224ms

Document
text/html

2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

93b73183052e5573c1684e2e71a66baf2221f33032fea8c28625d91a38b6a974

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://t.co/E4v3YKq1aj
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fly_geo={"countryCode": "de"}; fly_device=desktop; fly_preferred_edition=eu; fly_default_edition=eu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://t.co/E4v3YKq1aj

Response headers

status: 200
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Tue, 17 Nov 2020 18:22:17 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 508fbdc0-6ffd-47a2-872b-85e6b790fce3
x-xss-protection: 1; mode=block
date: Tue, 17 Nov 2020 18:34:30 GMT
cache-control: max-age=5400, private
expires: Tue, 17 Nov 2020 19:52:17 GMT
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 151750

Redirect headers

status: 301
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Tue, 17 Nov 2020 18:34:30 GMT
location: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: 418df95c-3f20-43c4-8686-d1d17e293a59
x-xss-protection: 1; mode=block
date: Tue, 17 Nov 2020 18:34:30 GMT
cache-control: max-age=5400, private
expires: Tue, 17 Nov 2020 20:04:30 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 9395

GET
H2 200 main-8913b9f2d8-rev.css
zdnet3.cbsistatic.com/fly/css/core/ 352 KB
58 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

dfc9406a623938ac69670411f1f627e7c19cf9ebfc0715921c07a76fe53023e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91504
status: 200
vary: Accept-Encoding, Accept
content-length: 59502
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:28 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "b912ebd9f130b3c3ea5eecade8d3eb83"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:24 GMT

GET
H2 200 controls-8a2007188f-rev.css
zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/ 19 KB
4 KB 6ms
6ms Stylesheet
text/css 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-8a2007188f-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c6637b899589b2adf195e72aec7fda7985cfb382a7b129acf242a22984d9a380

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91503
status: 200
vary: Accept-Encoding, Accept
content-length: 3959
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "c0349221cd096b00c0de4e2e9e015963"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:24 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 13 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lztHLkvcGPqUR1UL9im3jQ==
age: 2522
status: 200
vary: Accept-Encoding
content-length: 4134
cf-request-id: 067915ba5a00001f45880fb000000001
x-ms-lease-status: unlocked
last-modified: Tue, 17 Nov 2020 17:42:05 GMT
server: cloudflare
etag: 0x8D88B2019ACB7C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 60d6d0eb-601e-016b-680a-bdc3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd6ffd71f45-FRA

GET
H2 200 optanon-v1.1.0.js Show response
cmg1.cbsistatic.com/privacy/optanon/ 36 KB
36 KB 6ms
6ms Script
text/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cmg1.cbsistatic.com/privacy/optanon/optanon-v1.1.0.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
x-content-type-options: nosniff
age: 1038790
status: 200
content-length: 36582
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Nov 2020 17:51:25 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "46e2aa30cbebb708b5fc468d57d56d8b"
strict-transport-security: max-age=900
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 05 Nov 2020 19:01:20 GMT

GET
H2 200 liam-tung.jpg
zdnet1.cbsistatic.com/hub/i/r/2014/07/22/b17789dd-1174-11e4-9732-00505685119a/thumbnail/40x40/7db233422b5c72e22796dcb9ac04bcb6/ 713 B
898 B 8ms
7ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2014/07/22/b17789dd-1174-11e4-9732-00505685119a/thumbnail/40x40/7db233422b5c72e22796dcb9ac04bcb6/liam-tung.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

32b42614baf919797af1ba9d02749f940b8a721495dbb37d4ee3b3c7b488d28e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685167
status: 200
vary: Accept-Encoding, Accept
content-length: 660
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 17:10:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"4b46121011249fcebfc502cf871d1560"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:15:04 GMT

GET
H2 200 cybersecurity-huge-rise-in-ransomware-pu-5f5b43bc71c30002b05d7dc5-1-sep-11-2020-11-29-34-poster.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/09/11/9b02120e-2fe8-4819-b490-3b0ab49baa53/thumbnail/570x322/cb268c64380b19db3f6e31faa6dbebb8/ 16 KB
16 KB 9ms
8ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/09/11/9b02120e-2fe8-4819-b490-3b0ab49baa53/thumbnail/570x322/cb268c64380b19db3f6e31faa6dbebb8/cybersecurity-huge-rise-in-ransomware-pu-5f5b43bc71c30002b05d7dc5-1-sep-11-2020-11-29-34-poster.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1a003bbccafc6432ce46f8ae82ff847e0f87989cccd30669565e6d1a5c962d5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682510
status: 200
vary: Accept-Encoding, Accept
content-length: 15761
x-xss-protection: 1; mode=block
last-modified: Fri, 11 Sep 2020 12:03:45 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"b79d32d871560d9c834e9a88e94a1366"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:59:21 GMT

GET
H2 200 advertisement.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/ 53 B
204 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/advertisement.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 466267
status: 200
vary: Accept-Encoding, Accept
content-length: 83
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 20:12:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "988cc84f2ad73bf753e7482ec113ff89"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 09:03:22 GMT

GET
H2 200 aids-info-demand-500.png
zdnet1.cbsistatic.com/hub/i/r/2017/03/03/e079b30e-5c20-4bf5-8241-b37af38b7b52/resize/220x165/faca4adb0ed1bfb18b21bbec6d3861a0/ 39 KB
39 KB 9ms
9ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2017/03/03/e079b30e-5c20-4bf5-8241-b37af38b7b52/resize/220x165/faca4adb0ed1bfb18b21bbec6d3861a0/aids-info-demand-500.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0c64eb1e00b75d93ce07756ef8ff9c6ace42c75a22886e52915c9e6a3c4130b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685150
status: 200
vary: Accept-Encoding, Accept
content-length: 39448
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Aug 2020 20:36:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"b459b3af663292971f86a3d2af675f49"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jan 2021 20:15:20 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112560
status: 200
vary: Accept-Encoding, Accept
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Nov 2020 17:25:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d67038926a6f5a2bc74cca4ddefabdd9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 11:18:30 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame FAB9 202 KB
51 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:30 GMT
Content-Encoding: br
Last-Modified: Mon, 12 Oct 2020 00:02:25 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51580

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet1.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 9ms
5ms Image
image/png 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
x-content-type-options: nosniff
age: 91496
status: 200
vary: Accept-Encoding, Accept
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:29 GMT

GET
H2 200 ring-animated.svg
zdnet2.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/video/ 704 B
507 B 14ms
11ms Image
image/svg+xml 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/video/ring-animated.svg

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-8a2007188f-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet1.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-8a2007188f-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91497
status: 200
vary: Accept-Encoding, Accept
content-length: 364
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5f87ac7f571b5a0b1cdc101b49cdc8de"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:27 GMT

GET
H2 200 Semibold.woff2
zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 9ms
6ms Font
font/woff2 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
x-content-type-options: nosniff
age: 22826069
status: 200
vary: Accept-Encoding, Accept
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f78"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 Regular.woff2
zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 9ms
7ms Font
font/woff2 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.zdnet.com
Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
x-content-type-options: nosniff
age: 22826072
status: 200
vary: Accept-Encoding, Accept
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f20"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 7Cu2KXWjzqamgiwY2ihAfD
open.spotify.com/embed-podcast/episode/ Frame 4EE6 0
0 322ms
321ms Document
text/html 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/7Cu2KXWjzqamgiwY2ihAfD

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: open.spotify.com
:scheme: https
:path: /embed-podcast/episode/7Cu2KXWjzqamgiwY2ihAfD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Response headers

status: 200
server: envoy
date: Tue, 17 Nov 2020 18:34:31 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: sp_t=7e021285e3c3625d24ea8a665566388e; path=/; expires=Sat, 16 Jan 2021 18:34:30 GMT; domain=.spotify.com; samesite=none; secure sp_landing=https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F7Cu2KXWjzqamgiwY2ihAfD; path=/; expires=Wed, 18 Nov 2020 18:34:30 GMT; domain=.spotify.com; samesite=none; secure; httponly
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 logo.png
zdnet3.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1605546328-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/core/main-8913b9f2d8-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
x-content-type-options: nosniff
age: 91501
status: 200
vary: Accept-Encoding, Accept
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:23 GMT

GET
H2 200 e70f246a-fd9b-4805-9fd4-fcd89020aca5.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/ 3 KB
1 KB 18ms
18ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/e70f246a-fd9b-4805-9fd4-fcd89020aca5.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /OEOyq06PFOqP2wdlgJHyA==
age: 749
status: 200
vary: Accept-Encoding
content-length: 1219
cf-request-id: 067915bab600002b413d82e000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:56 GMT
server: cloudflare
etag: 0x8D87C42F9703542
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6713cf80-201e-010a-3869-b6873a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd78e6f2b41-FRA

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/94fa68-fly/js/ 753 KB
227 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4d665c2f6fc1aeed23cbaace823f8f7ed5100c317fff8917d1b6cc8022fdd231

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91503
status: 200
vary: Accept-Encoding, Accept
content-length: 231709
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:19 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "12fc46da6258e596cd684fc82074053c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 17:09:24 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
355 B 54ms
53ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5f3b8bd7ae03e007-FRA
cf-request-id: 067915bacc0000e00755a1e000000001

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame FAB9 2 KB
1 KB 117ms
116ms XHR
application/json 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5352127&v=1.632.0&if=&sl=0&si=0igw78frq6pa-qjye9j&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 944edb8b57d8a9f7df23544c0121398c38f5319be2f46928fc4e3a2735183e56

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 847

OPTIONS
H2 200 diff
at.cbsi.com/lib/api/v1/zdnet/prod/config/ Frame 0
0 130ms
130ms Other
text/html 151.101.193.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Protocol

Server

151.101.193.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cat,content-type,variant,version
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.zdnet.com
access-control-allow-headers: *
allow: GET,HEAD
etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
x-cloud-trace-context: 9f67d4b57dd33d2ba74a5e371c92cb55
server: Google Frontend
accept-ranges: bytes
date: Tue, 17 Nov 2020 18:34:31 GMT
via: 1.1 varnish
x-served-by: cache-cdg20737-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1605638071.075418,VS0,VE115
vary: Accept-Encoding
x-abtest: none
strict-transport-security: max-age=300
content-length: 8

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 178 KB
39 KB 25ms
24ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afd1513bdb44089f085888e1cbec14d37d25ec081f9fd8fb9fe98855115b1056

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
Age: 3213
X-Cache: HIT
Connection: keep-alive
Content-Length: 39830
x-amz-id-2: d4+QVFx0dxi9ZH5Vu7O9B7FKnlY/8dSXj1yhaSqjn+f6j6iDWBNSN6uBT8GXt6oXveC6+zEf4rQ=
X-Served-By: cache-fra19158-FRA
Last-Modified: Tue, 17 Nov 2020 17:18:51 GMT
Server: AmazonS3
X-Timer: S1605638071.071320,VS0,VE0
ETag: "e36e674d4e8b6bbc6ae311105bcc80de"
x-amz-request-id: 1T7R2S7PBYBR1PAY
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 185

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 17 KB
4 KB 15ms
15ms Fetch
application/json 151.101.193.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

f70b6824d3c81ae7816f1ebdd73a3a7e1cca7975a7e5b2baaf2ef3bd5de2df96

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: FaINTTd9d
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
version: v2.19.2
variant: core
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-abtest: none
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
x-dns-prefetch-control: off
x-cache: HIT
status: 200
ttl: 900s
content-length: 3674
x-xss-protection: 1; mode=block
x-served-by: cache-cdg20737-CDG
access-control-allow-origin: https://www.zdnet.com
server: Google Frontend
x-timer: S1605638071.205704,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/31f42029342657632db7bc00b66fd0562bfef37c
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 05b64719c69d3fa15109bb76912f7287
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 54 KB
18 KB 64ms
63ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

4214ee4c13225eb6a1c420bb6332bb56d1d6932653a12bf1c9794940a2642438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "696 / 385 of 1000 / last-modified: 1605615595"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18263
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:31 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.7.0/ 338 KB
72 KB 12ms
11ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 39GJ8QXxSjBaTmaIgt+tLg==
age: 2498
status: 200
vary: Accept-Encoding
content-length: 73268
cf-request-id: 067915bb3800001f45b805f000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:45 GMT
server: cloudflare
etag: 0x8D86C1D8DA49AF8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1bed58e2-101e-0049-4551-b6eb86000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd85ac81f45-FRA

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 120ms
120ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.213.102.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202011151531/ 166 KB
53 KB 25ms
25ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e78292682bf2d0e07b972e0f67cdf7873510ec20c4723b3ae032476c192ed463

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
Age: 475
X-Cache: HIT
Connection: keep-alive
Content-Length: 54104
x-amz-id-2: Rz+hZTtNjptpE3aef5agDhVCO0gpyHYZCaJC1hgsbRPuaNRjNwmiLKmkSdDzMqewEB5P5paSXdw=
X-Served-By: cache-fra19158-FRA
Last-Modified: Mon, 16 Nov 2020 17:02:18 GMT
Server: AmazonS3
X-Timer: S1605638071.122800,VS0,VE0
ETag: "8f5f215a7ff1677e72e00cf4a5cd57c2"
x-amz-request-id: DN7M0Z6J3SEKDW0T
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 561

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202011151531/ 68 KB
23 KB 26ms
25ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202011151531/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d647677a813dde40b27e0bcf582d72e2bc89f8a8127426e48684fff64156b0af

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
Age: 475
X-Cache: HIT
Connection: keep-alive
Content-Length: 23314
x-amz-id-2: HQo7CcizWUl5Ljp2HHKhi404hNm7QWK7vug+5Zw5rCIKsaAtmhSmt1pUU5HVZFIUwKnbgb8FVAo=
X-Served-By: cache-fra19155-FRA
Last-Modified: Mon, 16 Nov 2020 17:02:20 GMT
Server: AmazonS3
X-Timer: S1605638071.124913,VS0,VE0
ETag: "7722fa6050667f36212b038e0a5564ef"
x-amz-request-id: 19A2A3E04F4F116F
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 638

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377693
status: 200
vary: Accept-Encoding, Accept
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Nov 2020 17:25:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "cd7625dd77cd56b78f10a8fc0c1ba9fd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 09:39:37 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/ 60 KB
14 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/e70f246a-fd9b-4805-9fd4-fcd89020aca5/a652efb7-f570-4ba9-a221-2753b7eb30e8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zmR4HzWDnD/K8NKWX2k29A==
age: 195
status: 200
vary: Accept-Encoding
content-length: 14179
cf-request-id: 067915bb6700002b413d84f000000001
x-ms-lease-status: unlocked
last-modified: Thu, 29 Oct 2020 19:43:59 GMT
server: cloudflare
etag: 0x8D87C42FB4B3E93
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49f866d8-c01e-0144-5e0a-b442df000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd8ab4f2b41-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 37ms
36ms XHR
application/json 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1605638071146&s=b8da2d2506803fc4598c47a7049ac0e0846ffc97a6a4fbb65e54ef96f0c03a31
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: cac0bff393b7185cc80dc8e9ea02ee73005729e4515115fdaec12f8bd87f7c26

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 790

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/ 12 KB
3 KB 19ms
18ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6g5s6eICehvPXWb9nycIcQ==
age: 5685
status: 200
vary: Accept-Encoding
content-length: 3328
cf-request-id: 067915bb8500002b41ef264000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:38 GMT
server: cloudflare
etag: 0x8D86C1D890DBAF3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6f0ee0a3-601e-0046-6d17-b30670000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd8dc392b41-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/ 45 KB
11 KB 32ms
32ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.7.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.7.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VdPW9mUL+ZgJ7oO59gDKyw==
age: 1278
status: 200
vary: Accept-Encoding
content-length: 11094
cf-request-id: 067915bb8600002b41ec051000000001
x-ms-lease-status: unlocked
last-modified: Fri, 09 Oct 2020 06:35:40 GMT
server: cloudflare
etag: 0x8D86C1D8A75F320
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 743ef2b2-401e-0037-71d4-b47449000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5f3b8bd8dc412b41-FRA

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
97 KB 64ms
64ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Nov 2020 18:34:31 GMT

GET
H2 200 ;ord=1605638071275
ad.doubleclick.net/ddm/ad/qrdtuhurtlc/qfeuwyiweav/hfds/zm/tsabinirld/ 43 B
202 B 37ms
36ms Image
image/gif 172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/qrdtuhurtlc/qfeuwyiweav/hfds/zm/tsabinirld/;ord=1605638071275?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 227 KB
78 KB 28ms
27ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 602fab312dd82ffb14508d0e186e809e1e27c55a6e62adf5769a9318dc84ce2f

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:33:52 GMT
server: AmazonS3
x-amz-request-id: A116A0BCFEB1ED44
etag: "6854e8f5c7ee7172d6d2fe20d9d27f10"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41294
accept-ranges: bytes
content-length: 79827
x-amz-id-2: LrxYof5YTsukS1I7ly5TdwlPH99cfVt8CYvHzVznL7pj2PV98+XZEE53Pk1mD0xi4vrfs+IGyw4=

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
52 KB 600ms
600ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1148853881722571&correlator=337469787086510&output=ldjh&impl=fifs&eid=21068730%2C21068760%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201117&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C320x50%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Ccxo%252Cgovernment-us%252Cmicrosoft%252Cwindows%252Cwindows-10%26mfr%3Dmicrosoft%252Cfbi%252Csymantec%252Ceset-llc%26tag%3Dransomware%252Ccyber-security%252Cmicrosoft%252Cmalware%252Csecurity%252Cwindows%252Cwindows-10%26pid%3Dwindows-10%252Cmicrosoft-windows-10%252Cd-link-dns%252Ceset-cyber-security%26prodtype%3Dwindows-10%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dfbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%252Csocial_user%26type%3Dgpt%26region%3Duk%26subses%3D5%26session%3Dc%26pv%3D1%26vguid%3D0fba2834-a6e2-4c5e-94b6-4200d4238815&cookie_enabled=1&bc=31&abxe=1&lmt=1605637337&dt=1605638071467&dlt=1605638070843&idt=572&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-20%2C1050%2C1050%2C1015%2C215%2C1050%2C436&adys=0%2C285%2C405%2C2424%2C1623%2C1761%2C3306%2C4170&adks=2072725681%2C3581870410%2C1925781520%2C3289239044%2C3970605601%2C2484431570%2C3509234736%2C519614694&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&ref=https%3A%2F%2Ft.co%2FE4v3YKq1aj&dssz=33&icsg=134218400&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4630%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&msz=1600x5%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&ga_vid=1785854873.1605638071&ga_sid=1605638071&ga_hid=1908337582&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

762c54fff1954017241be39342dc63b7efc635bc9975d1caa00b12a22c5e7e36

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11903519821775468938/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11903519821775468938/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGmlPebiu0CFQP2dwodhVkDTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11903519821775468938/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11903519821775468938/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11903519821775468938/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGmlPebiu0CFQP2dwodhVkDTw&gqi=&layout=/sadbundle/%24csp%253Der3%24/11903519821775468938/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
google-creative-id: 138330866815,-1,138329746587,-1,138247024569,138315320936,-1,138239338269
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52226
x-xss-protection: 0
google-lineitem-id: 5536907755,-1,5526751081,-1,4825966980,5245653073,-1,4745696286
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Tue, 17 Nov 2020 18:34:32 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 74ms
40ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 article-ea6d078f02-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 145 KB
38 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-ea6d078f02-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e6e583553cbb5a7bdf3446558cdf29802cda247ce1d63693633b3d74eb749d8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604798
status: 200
vary: Accept-Encoding, Accept
content-length: 39119
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Nov 2020 12:48:19 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "fa479a2c5b31a35520ae848f1921bc43"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Nov 2020 18:34:31 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 314 B
489 B 50ms
49ms Script
text/html 34.251.197.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_44486325
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.197.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-197-102.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 0a850817530f89463dbfca39455d6a7b6b88d4b76a92814b6e5b9cea47de8502

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
server: TornadoServer/4.5.3
etag: "5a7f76f645a65ac3f42d3d0a40f0f54775bd2cf7"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 314

GET
H2 200 n.js Show response
geo.moatads.com/ 112 B
285 B 39ms
39ms Script
text/html 99.80.114.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=847944126078&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=1&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=1465944844&cs=0&callback=DOMlessLLDcallback_44486325
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.114.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-114-7.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: eb7edc6afafbfc1e04bdaec2b959c0b3f8c2f96cff74ed9e865e96e4657f5f1b

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
server: TornadoServer/4.5.3
etag: "00ece44ad2eb2e27e313d2ec5fbe2ef74871792c"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 112

GET
H2 200 n.js Show response
geo.moatads.com/ 114 B
288 B 48ms
47ms Script
text/html 99.80.114.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=847944126078&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=2&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=1085965011&cs=0&callback=MoatDataJsonpRequest_44486325
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.114.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-114-7.eu-west-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 49d6e6d8f2ee207ca44c8518190e7d11061a6f9c7c0bdeac8645a92b4825d57f

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
server: TornadoServer/4.5.3
etag: "9081e4158c3a61e82e62c3aad90f9b739e400876"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 114

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 27ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1605638071511&de=773176134012&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=a63e245-clean&iw=b2c8261&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&ac=1&bq=11&f=0&na=1307517503&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:31 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
280 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
age: 2284715
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: n53ElNB5hVnkR9qh4cUlg2SOjOhm/ieDwTiWMKEbKvjjvzF40ZAJ27jUeh6G5dcSTKOWVVqV9Rw=
x-served-by: cache-dca17777-DCA, cache-hhn4070-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1605638072.581257,VS0,VE0
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: 798034E8713D8B8D
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 6

GET
H/1.1 204
No Content / Show response
684dd307.akstat.io/ 0
354 B 74ms
52ms XHR
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd307.akstat.io/?h.pg=article&when=1605638071620&cdim.Site_View=desktop&t_other=custom4%7C655&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=71f784926575013d34af3f78c7ff2e00d8d6b572&h.t=1605638071165&http.initiator=api&rt.start=api&rt.si=193bfde1-3fb8-408f-b1bf-963a3b38c259&rt.ss=1605638072097&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Tue, 17 Nov 2020 18:34:31 GMT

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 24ms
24ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-amz-request-id: A21809B1C987C063
x-cache: HIT
status: 200
content-length: 10624
x-amz-id-2: 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4=
x-served-by: cache-hhn4047-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1605638072.701164,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 41705

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
672 B 118ms
117ms XHR
application/json 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f23b5aa801f07d12dc9cba856f397b1327527947a2eae1aa4150ae1567d02cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Nov 2020 18:33:04 GMT
x-frame-options: SAMEORIGIN
date: Tue, 17 Nov 2020 18:34:31 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: acb27b40-b01f-4a01-940b-ea5fe19f1f94
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Tue, 17 Nov 2020 20:03:04 GMT

GET
H2 200 disqus-loader-e3cab293df-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
810 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-e3cab293df-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24615
status: 200
vary: Accept-Encoding, Accept
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Nov 2020 17:08:32 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eac3a26f962835dccb7790960dc0a8fb"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Nov 2020 11:44:16 GMT

GET
H2 200 developersistock-1005631142a.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/11/17/244d3e2c-3cef-47d1-a143-7eb856162204/thumbnail/170x128/60f12a9e496655c079255b8f4c6cdc47/ 7 KB
7 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/244d3e2c-3cef-47d1-a143-7eb856162204/thumbnail/170x128/60f12a9e496655c079255b8f4c6cdc47/developersistock-1005631142a.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

09fd1f5916bea81bceed646e6d89e9cd77a525ebf2e1afdadc51987a3441bdcd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 9243
status: 200
vary: Accept-Encoding, Accept
content-length: 7243
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 16:00:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"4676ef642d4e5af7316d7d6a53df556d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 16:00:29 GMT

GET
H2 200 developerglassesistock-1065782064.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/11/17/d24091e9-3d69-462c-9f6b-550e891db0d3/thumbnail/170x128/dc9c893c963ed3255ffc9d17342d75ef/ 8 KB
8 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/d24091e9-3d69-462c-9f6b-550e891db0d3/thumbnail/170x128/dc9c893c963ed3255ffc9d17342d75ef/developerglassesistock-1065782064.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9a8d8bb357f997b3f6b98338c9a3e4bf04b17e2b675c23e13a29da1655e59ad4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 16441
status: 200
vary: Accept-Encoding, Accept
content-length: 8198
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 14:00:28 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"608404aae9bbc2b536463fc091140048"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 14:00:28 GMT

GET
H2 200 computerusersnetworkistock-1194430783a.jpg
zdnet2.cbsistatic.com/hub/i/r/2020/11/17/91dcd7b8-fa09-4505-8fda-17ae1d0bae0a/thumbnail/170x128/59e608b2e0ae2799518930c38f5154f7/ 10 KB
10 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/91dcd7b8-fa09-4505-8fda-17ae1d0bae0a/thumbnail/170x128/59e608b2e0ae2799518930c38f5154f7/computerusersnetworkistock-1194430783a.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ac9a9e666959ade8b25fadbe232fe74c3a27e5bd5ea139d6a1fd178e2a26ec46

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 27580
status: 200
vary: Accept-Encoding, Accept
content-length: 10571
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 10:54:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"8e4e4d496f72df696adefb7b98e3f40a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 10:54:56 GMT

GET
H2 200 awindowslondon141.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/03/29/5b831216-c24c-4637-96c3-c6998cb83347/thumbnail/170x128/a9c3793bb3ce3f421e80f75821fc6ce8/ 7 KB
7 KB 8ms
7ms Image
image/jpeg 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/03/29/5b831216-c24c-4637-96c3-c6998cb83347/thumbnail/170x128/a9c3793bb3ce3f421e80f75821fc6ce8/awindowslondon141.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

abbe172c2b7dbefee3980f7634ded950b4ee7d635b78468f854f64e1b8aa1b1f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 104432
status: 200
vary: Accept-Encoding, Accept
content-length: 7309
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 06:42:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"aa7a0e0d06a1872824f8d7daddcaf15c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Jan 2021 13:33:49 GMT

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
896 B 155ms
154ms XHR
application/json 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ee003b43ec31646ec8162c08e06d98814d9c237c6e119e50b760d9238f8bfe7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 17 Nov 2020 18:34:31 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: 5cddb0ad-5162-4bb1-9855-66c949f2c180
content-type: application/json
status: 200
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 front-door-carousel-d989216481-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 9ms
6ms Script
application/javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430397
status: 200
vary: Accept-Encoding, Accept
content-length: 1542
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Nov 2020 17:25:32 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "3ea100e71bb5dac766aaac16ab9a51bf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 19:01:14 GMT

GET
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/1/ 57 B
651 B 175ms
175ms Script
text/javascript 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1184.ab39b52&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=1573&ck=1&ref=https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/&ap=577&be=657&fe=1492&dc=764&perf=%7B%22timing%22:%7B%22of%22:1605638070195,%22n%22:0,%22f%22:416,%22dn%22:416,%22dne%22:416,%22c%22:416,%22ce%22:416,%22rq%22:417,%22rp%22:641,%22rpe%22:654,%22dl%22:648,%22di%22:764,%22ds%22:764,%22de%22:764,%22dc%22:1492,%22l%22:1492,%22le%22:1510%7D,%22navigation%22:%7B%7D%7D&fp=745&fcp=745&at=SBQQGwsYTRQbWUQKS05L&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:31 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 5f3b8bdc9a0d0877-CDG
cf-request-id: 067915bde100000877f8bec000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/244d3e2c-3cef-47d1-a143-7eb856162204/thumbnail/170x128/60f12a9e496655c079255b8f4c6cdc47/developersistock-1005631142a.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

09fd1f5916bea81bceed646e6d89e9cd77a525ebf2e1afdadc51987a3441bdcd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 9243
status: 200
vary: Accept-Encoding, Accept
content-length: 7243
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 16:00:21 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"4676ef642d4e5af7316d7d6a53df556d"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 16:00:29 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/d24091e9-3d69-462c-9f6b-550e891db0d3/thumbnail/170x128/dc9c893c963ed3255ffc9d17342d75ef/developerglassesistock-1065782064.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9a8d8bb357f997b3f6b98338c9a3e4bf04b17e2b675c23e13a29da1655e59ad4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 16441
status: 200
vary: Accept-Encoding, Accept
content-length: 8198
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 14:00:28 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"608404aae9bbc2b536463fc091140048"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 14:00:28 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2020/11/17/91dcd7b8-fa09-4505-8fda-17ae1d0bae0a/thumbnail/170x128/59e608b2e0ae2799518930c38f5154f7/computerusersnetworkistock-1194430783a.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ac9a9e666959ade8b25fadbe232fe74c3a27e5bd5ea139d6a1fd178e2a26ec46

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 27580
status: 200
vary: Accept-Encoding, Accept
content-length: 10571
x-xss-protection: 1; mode=block
last-modified: Tue, 17 Nov 2020 10:54:50 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"8e4e4d496f72df696adefb7b98e3f40a"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Jan 2021 10:54:56 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/03/29/5b831216-c24c-4637-96c3-c6998cb83347/thumbnail/170x128/a9c3793bb3ce3f421e80f75821fc6ce8/awindowslondon141.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/94fa68-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

abbe172c2b7dbefee3980f7634ded950b4ee7d635b78468f854f64e1b8aa1b1f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
x-content-type-options: nosniff
age: 104432
status: 200
vary: Accept-Encoding, Accept
content-length: 7309
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Sep 2020 06:42:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"aa7a0e0d06a1872824f8d7daddcaf15c"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Jan 2021 13:33:49 GMT

GET
H2 200 show-hide-1.0-7bf562809f-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
1012 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468962
status: 200
vary: Accept-Encoding, Accept
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 20:12:07 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "661e5b99e8e1cbb929061e7c3a6568a4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 08:18:27 GMT

GET
H/1.1

200
OK

results.txt Show response
kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net/eum/ Frame FAB9
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pwzxv5qtq
https://kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

96ms
23ms

XHR
text/plain

23.55.110.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.55.110.31 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-55-110-31.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Tue, 17 Nov 2020 18:34:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net/eum/ Frame FAB9
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pwzxv5qtq
https://fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

79ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:32 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net/eum/results.txt
Date: Tue, 17 Nov 2020 18:34:31 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 bcn
www.summerhamster.com/ 43 B
182 B 86ms
27ms Image
image/gif 52.28.196.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1605638071941&y=2.0.1105&elg=72040947&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fiel-zduqlqj-wulfnerw-dqg-udqvrpzduh-dwwdfnhuv-sodq-elj-klw-rq-xv-krvslwdov%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Ftugwxkxuwof%2Ftihxzblzhdy%2Fkigv%2Fcp%2Fwvdelqluog%2F%3Brug%3D1605638071275%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Auivv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.196.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-196-64.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
server: Jetty(9.2.10.v20150310)
access-control-allow-origin: *
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A262 0
0 37ms
37ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpOMr2iBqwhcLu1d4SVIQajBiOZvWvJqB0y5fZsCv4LSoAa5P4kStitAf5f7ZtCxrpMAHVyaZHzHVnmQ6YCO__zqwlyaIrUSFt44xCJFUr2vNREHQiCXav87PQHngwmYEmzCUEdhsh1hMOfStrjHsAaEG4kpOtlH-FLXLMlxzpTw9qJ-6F8AsGzh7BzNgDr7vpcQQAErgSlWyXpx85kyBdf-qppFqmse0d2eshPxXDmF7ar_v2pxRW7DsEGQvqSrd6KCtr2jIObw0dQg&sig=Cg0ArKJSzLiQNlwLCPOZEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 ad.js Show response
clipcentric-a.akamaihd.net/ad/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/ Frame A262 135 KB
37 KB 33ms
31ms Script
text/javascript 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/ad.js?q=1604705524
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 6f61194871255096b51c078ecffd02a93699b2cda3bc71c8c48cea2a5511a5b2

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: br
last-modified: Thu Jan 1 00:00:00 1970
server: Apache/2.2.34
content-type: text/javascript
status: 200
cache-control: max-age=3600
content-length: 37902

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A262 75 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame A262 320 KB
107 KB 29ms
28ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41318
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050

200

B24946233.286791742;dc_pre=CImGtfebiu0CFYn4dwodZXAC_w;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/ Frame A262
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_pre=CImGtfebiu0CFYn4dwodZXAC_w;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for...

42 B
65 B

56ms
56ms

Image
image/gif

172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_pre=CImGtfebiu0CFYn4dwodZXAC_w;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N7384.3861580VIACOMCBS/B24946233.286791742;dc_pre=CImGtfebiu0CFYn4dwodZXAC_w;dc_trk_aid=480369388;dc_trk_cid=140485965;ord=939574068;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 76DF 180 KB
50 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 76DF 13 KB
5 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 76DF 90 KB
27 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 76DF 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274674
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 76DF 41 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 76DF 3 KB
680 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 16:43:02 GMT
server: ESF
date: Tue, 17 Nov 2020 18:34:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4904719575183869110/ Frame 76DF 33 KB
33 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4904719575183869110/downsize_200k_v1?w=600&h=314

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba40fd1884e10a1c53b986d8bd7e9d4ad7396aa7e6c8f8e4a1604c80a5b3a6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 19:44:26 GMT
x-content-type-options: nosniff
age: 427806
x-dns-prefetch-control: off
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33442
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 10:08:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Nov 2021 19:44:26 GMT

GET
DATA 200
OK truncated
/ Frame 76DF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 76DF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 286950675b8e86af9da95f8887056bff1c3748b92363028bb3d7a06f8dc1a5b9

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D5C 0
0 42ms
38ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucI15hBxw_subKAPYmaxgZyh9qsbbDzHMsTGEnhXSBd16s3IlXAKWiq-6_aBhe9jHj7pqJ7qd5q65VPefURhr941uLrEPSzyHeJbNxRhWYKjJANjDDNwzIRuM9fXeZg47EqlfWgNmPRO8i_rbp4ZfdFVojw6GRRQ_M9qhwqAhUoHGD0_UfW1kYMI-uAJS1casuTPh-AngdkesxMkCMywS4ENlcDlf_3zH_ll-bmBQ07bpHf3iW0D0n-XCUGe-4JJYDuliQ35c7IoGVaw&sig=Cg0ArKJSzMl86rU9lRooEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D5C 75 KB
29 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 8D5C 320 KB
107 KB 30ms
28ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41318
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame A9A3 180 KB
50 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A9A3 13 KB
5 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A9A3 90 KB
27 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A9A3 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274674
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:38 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A9A3 41 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 274679
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Sat, 14 Nov 2020 14:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Nov 2021 14:16:33 GMT

GET
DATA 200
OK truncated
/ Frame A9A3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89f4ddedd67e398f49389bd66a498b3b2e608c68cc77e716ae2ede0269824e37

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF80 0
0 48ms
39ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpQZf1IXdd94pqeOihwWCjYSs9mnIUBivclFQsv1ZxWWJfJSTYuX6jI-ykvNMztHX-VcgNczINbTL3nKjKGm48vqsQyIDmLM-ELJc9Utc4fAb4K5oJlnYKojmclrf8Z2RONZmGKeAWb33lo5syfePtmMcXktVfAYZUcMI2rd5paJdu6GuoMR3Hy7PhJ8QUaKyiAtOx9EUQkQeJGoE0FWlawoW90gwVkY5kS-tGskG-wTaPDGgo6vwYwQKQTuDN9VT-1HDluOET&sig=Cg0ArKJSzLEnAh_-JXIlEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adKit.min.js Show response
rev.cbsi.com/common/js/ Frame DF80 6 KB
2 KB 166ms
155ms Script
application/javascript 2a04:4e42:31::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rev.cbsi.com/common/js/adKit.min.js?183053362

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:31::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 0
x-cache: MISS
status: 200
content-length: 2149
x-served-by: cache-ewr18153-EWR
access-control-allow-origin: *
last-modified: Thu, 16 Apr 2020 15:02:48 GMT
server: AmazonS3
x-timer: S1605638072.245215,VS0,VE57
etag: "e524dc608d5c7c30eef57b6ed95dc6a8"
strict-transport-security: max-age=300
content-type: application/javascript
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF80 75 KB
29 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame DF80 320 KB
107 KB 34ms
25ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41318
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89B6 0
0 45ms
38ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD8Jd09-28QTuqQd0WUZsRP5jH_Piic8i7Gt5_D7Ol5uRo4XyJEWW2tBbxUYzQxj63WoQ2Bm7qXmX8zzju7d1R8Iw8SaOZjxOfiT9D0HBEz1vlkvfHdqcLaqAnE5u8l8fx_UiuUhAkcOqM2bM32kUxKLcfodQH3S2NVih0l8LbezCQBxkQAeRZ3VFCoDxNZEUAHay-H1ueHmpRr-Ep39i_23s7zibCP3PNP9nePCWyWjDN5ik3pBJuFF_piqBbeqsZEHGMErqdOOqCOA&sig=Cg0ArKJSzEWp2u0EdRa3EAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sfp-set-targeting.js Show response
native.sharethrough.com/assets/ Frame 89B6 56 KB
20 KB 53ms
46ms Script
application/javascript 65.9.96.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp-set-targeting.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f93b7f8bfe83053a825253196d0ea1eb82890abaca9265952abaf2310e37e540

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 17:41:35 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 17:41:32 GMT
server: AmazonS3
age: 3178
etag: W/"b8fa39cb0be9cbc84b2d8ae549b74984"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: C72uHHKeEcB_KXmbQgayBRkg9KTtHuupHrM5MmGsIpP-tEW7j7pIbg==
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
expires: Tue, 17 Nov 2020 18:41:30 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89B6 75 KB
29 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 89B6 320 KB
107 KB 34ms
27ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41318
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 container.html
f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F924 0
0 35ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 17 Nov 2020 18:34:31 GMT
expires: Wed, 17 Nov 2021 18:34:31 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AD 0
0 40ms
39ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1C3keC15GFurteTuGh7omw4rUNrg1WdBXAyZO-UaEknQXwCO1RxQUcJio8Y-kqFFmD0tDYsiM3nW-HDE8MIbSPbuzJ1n6XKGsdd0ucz5vUcds5Ccmf-XgC5-1MRRmmZghItqCF6GhuBBeZQc_tSFI2PzP_drtNUIuXJpGzkDuI-q39lCMjlle01CrxLlyCgvKz0SBSfgXEbQ6JTVGAwW2NfXlthcrecr7d00oSPXbb4CBt-7AbMGCD7QnXveiUjjuZmGLGnuw&sig=Cg0ArKJSzC6nCzwl2iXNEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6AD 75 KB
29 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame A6AD 320 KB
107 KB 34ms
29ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: t.co
URL: https://t.co/E4v3YKq1aj
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41318
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76DF 2 KB
2 KB 11ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
age: 26734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
server: cafe
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 18 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76DF 295 B
325 B 12ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
age: 72151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
server: cafe
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 17 Nov 2020 22:32:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 76DF 0
0 17ms
13ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAZB75egtLZWMRLDnQ0W3-_19XK1DsZcymY3mdWOw7c_FsMlGi9IIvoE57SrWr6va6mVfbCMBWzfnRdOUC9cfVg50ozw
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 76DF 0
0 43ms
39ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNs3Xtxe0X7zuI4Ps3wOFs434BLqrvtBfgqy-0tYL2_zqggEQASDMka4iYPuBgICICqAB55HA1APIAQmpAsNTgknp7LM-4AIAqAMByAMKqgTEAk_QPUt1Y8xqG1w43d8IFS1MRjlpMhiohQp-X7jyewKVIdl-Ax12Jxb26TFhiLb1kDOyYij2VAPGD90dgvgM6VIcPRkGh-bbQFCkS8w0GvpRI-QfvEqWxbCv7NWd5BG4kgcDQE6r7e2_jknW2o7I9E4RT5fMZ_QEIOZpP1Y8DTZxzmPtvaCutFYcQ-EvX9S7N-Nipq-2m7AKrDR9pvS2xsLKxLPvua_k7KqGNARZ3mYi4Yc4q7W8ceXtlzedQsNPO_P-UuLNoeUXI4dlb6WieHlL3i5LRk5O69a-lXFsfidUQ6Q8vpv-a9eJ6lzW7CRF-lBGvg9K-m8nGZjAyigF2tx3V40gs0Q32x5G5wJDB85ZZeXm_ykxBpVsz9-tiwD5I73Xcfj5YUctWcZUHA3oPIy1yi4PwrX41J7H4S5D2rfH915ykcAEvN71k5sD4AQBkgUECAQYAZIFBAgFGASgBi6AB4yzrI4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENrmPtIICQiA4YAQEAEYHYAKA8gLAdgTAogUBLIXGgoYCAESFHB1Yi0xOTkxNjc5NjI0MzMxMzY5&sigh=gkwObs960tU&template_id=5000&tpd=AGWhJmtM25nTIMzOnXFpw1TfH9exhSlwKX9djS2QACK-CtqO-g
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 14655958281695633732
tpc.googlesyndication.com/simgad/ Frame 8D5C 22 KB
22 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14655958281695633732?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230babd80f98a4c948536c8cc393e120493e14c1aa4ca05d73f9d903108ddff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 11:20:35 GMT
x-content-type-options: nosniff
age: 112437
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22864
x-xss-protection: 0
last-modified: Mon, 09 Nov 2020 11:05:18 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Nov 2021 11:20:35 GMT

GET
H3-Q050 200 13118476356702453636
tpc.googlesyndication.com/simgad/ Frame A9A3 123 KB
123 KB 13ms
10ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13118476356702453636

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:31:54 GMT
x-content-type-options: nosniff
age: 86558
x-dns-prefetch-control: off
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125745
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 10:19:08 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Nov 2021 18:31:54 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9A3 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
age: 26734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
server: cafe
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 18 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9A3 295 B
320 B 10ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
age: 72151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
server: cafe
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 17 Nov 2020 22:32:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A9A3 0
0 18ms
15ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2ovWDandEYj5Fy5eYODiY9dWYnVuJrnnwpfyXALSE11MlGq2wFHVJE8vm1GQzrUJg1gc7UV7EUJcAQAoxTIsaQmGdYQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A9A3 0
0 43ms
41ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKRrutxe0X8DuI4Ps3wOFs434BKa395hgkfDs9sgM8-uLnKwJEAEgzJGuImD7gYCAiAqgAa3ciogDyAED4AIAqAMByAMIqgTGAk_QYrTLeraRN8D93xVPbQJet7ECBAF5ivb5vtS6ffnPSkD8ozawDynnQu1cJkfOmsSh8BC8uT8Vqv-lB9Z7Cfx_e1pWkDYmU3Fo7biLfNWcP7nh5oUWxPDzGZO_cqJLBBnfoBhRYUmAZbp6bpa-E0nfAE0xCodh1MnGv4D2dNiDL5woPnedNDD7CYg9jsrHH0yfm55dY-g-SoHKVEIvoTfP5HyCPTWXCIWLqwIIDiaLoz2XwKtu65sZGcvT98dSH3z_Z8k8aPgP8rFCvOPVxsg2BU37jjS6FwYMFkKd9fk_UQpxSi-nr_slA4hlOVqpvXewS1LoFW1WuXhtKKD5IMnKHGZQNR4nS8dV-3cl1Lj_BaZCEhbbQDc_Y4U5FzWggSbcesN8AE13mSmlMNxuqnbOrXY3nKYqWYiSvDYmSZ3fU2oaj4omwAT55NyH-wLgBAGSBQQIBBgBkgUECAUYBKAGA4AH2oDHa6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxCJL9IICQiA4YAQEAEYHYAKA8gLAdgTDLIXGgoYCAESFHB1Yi0xOTkxNjc5NjI0MzMxMzY5&sigh=JxBYBkj80Bc&tpd=AGWhJmuesOhOJqTJbHGRAoltp3pf_8IOTcRyoM5mtxlWU_JyvQ
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=13384738106&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=3&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=828632400&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

843150e3e7cb6ca5bdd0906c58e6519a77b619bc8de6c13db08f537edd2ca813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6441
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A262 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce0f12757c602e467e0ba992fe21d50f108ae3572b79b8c48a7c00bbf285abee

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 76DF 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 20:29:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 511507
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Thu, 11 Nov 2021 20:29:25 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 76DF 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.zdnet.com
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 20:28:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 511557
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Thu, 11 Nov 2021 20:28:35 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068760

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D5C 0
22 B 40ms
40ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7ODxmLO4wN4L7fMfUtFI0kjMooaz9RxKGAd4FJNNw4j3B8m9k7p5UGONQaOcBSowkFfrO2hW9rWaOhFCWzKnliufCVmj0onVjl5dNOCXQuWsN0tLEp5pPPeHRtUkzjsR6bFrFYcLo4bGFQ_z7lnx8GrlHltwPxlX6qs31G6t8Oz5lS1RJC7jk5-755LAGRmVwtKW3UDJ3tv3D9FMD3EYe8RCG7XtOwdoCC9DUOuNaeolt1uhK1ck-EHKBtUc6SQsmAt_z3d3Nw0HtZHe&sig=Cg0ArKJSzMOpwN6GwyVqEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 277 KB
85 KB 46ms
46ms Script
application/javascript 65.9.96.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202011151531/wrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 070beb03a0b3c092d13d33b3ed55202f04ebe6063cc924372e49a80ff869a011

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 17:41:36 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 17:41:32 GMT
server: AmazonS3
age: 3177
etag: W/"bffc80b480647868698a7ab7183cbac5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 6fMzjUgAv_Fo6am_leLMNozJ_xlI0AbexVrO1t6sChXhA5EoIKUq9w==
via: 1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
expires: Tue, 17 Nov 2020 18:41:30 GMT

GET
DATA 200
OK truncated
/ Frame 89B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cbd8800cd1657aa39c91babfe2b8a776cf2ef5deeca144d6b08998f04a02a67

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89B6 0
22 B 39ms
38ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA9WhSvFcRtMmNJ9mCOu91iRAVWS7RdPfCb0BL-V6U0EPxaqQY4WxV-sWUGR_yinXj5SJ5WNyx04r-GMH9RnjG3NziV5ZwMVD8PWFD-dsX1KjOpNWsSV8HW5PNWvr6WFryObsO3ExMd1SWgx7c9weYyGHYfzOeDTFvPZPTb0yJKYI9tur8WYK1jnOD04Zzb2yeO7Q2gaQd2sf-3llbaVpwImgATmmEXXoFA682kNZG7uPU6QEFn66-XcaX5P9bkBwgmNle1eD06kdlRxua&sig=Cg0ArKJSzGEqd3iiEi6oEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8D5C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a4765f21602b52a75e68635d658b7146839d5a454e8b98a03d8b62d20d73b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2753226908&L3id=5526751081&L4id=138329746587&S1id=23605329&S2id=23619609&ord=1605638072456&r=247545460358&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 30ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2753226908&L3id=5526751081&L4id=138329746587&S1id=23605329&S2id=23619609&ord=1605638072456&r=247545460358&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 store.phtml
ad.clipcentric.com/user-9/resources/ Frame 3986 0
0 38ms
37ms Document
text/html 13.224.93.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Requested by: Host: clipcentric-a.akamaihd.net
URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/ad.js?q=1604705524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-101.zrh50.r.cloudfront.net
Software: Apache/2.2.34 /
Resource Hash

Request headers

:method: GET
:authority: ad.clipcentric.com
:scheme: https
:path: /user-9/resources/store.phtml?v200530
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2976
date: Sun, 31 May 2020 03:03:03 GMT
server: Apache/2.2.34
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: I8DyLDWoPtg0P8FH3IhZodLcplSgyIUW3O9prqcfPdtM3a8hZFeepw==
age: 14743889

GET
H2 200 cbsi_ads_skyboxKit.js Show response
rev.cbsi.com/common/js/ Frame A262 12 KB
3 KB 94ms
93ms Script
application/javascript 2a04:4e42:31::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:31::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4dbdcbed018562c656e6c5b5515ef82736596af03d573b06a50951d802f1e725

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 894
x-cache: HIT
status: 200
content-length: 2691
x-served-by: cache-ewr18153-EWR
access-control-allow-origin: *
last-modified: Fri, 23 Oct 2020 17:13:17 GMT
server: AmazonS3
x-timer: S1605638073.637439,VS0,VE0
etag: "d0afa4a98aa5509aad29266c3dca9dbb"
strict-transport-security: max-age=300
content-type: application/javascript
via: 1.1 varnish
accept-ranges: bytes
x-cache-hits: 66

GET
DATA 200
OK truncated
/ Frame 1506 750 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 E=in,im,fi
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=67/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 96ms
93ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=67/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=in,im,fi
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 xlr9vC2d.webp
clipcentric-a.akamaihd.net/file/1068966/ad_q75/1604705147/ Frame A262 16 KB
16 KB 27ms
24ms Image
image/webp 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1068966/ad_q75/1604705147/xlr9vC2d.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 72abfb31f44d9d6ae87bfbebfe2e1eef8d44e58bd6f1603c764d029e9bcfae3e

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 06 Nov 2020 23:32:08 GMT
server: Apache/2.2.34
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 16342

GET
H2 200 w4dKN9Ed.webp
clipcentric-a.akamaihd.net/file/1068964/ad_q75/1604705147/ Frame A262 15 KB
15 KB 27ms
24ms Image
image/webp 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/1068964/ad_q75/1604705147/w4dKN9Ed.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 9b4ca722833450a27d0f22918f250ba5882cadc1af54ac014d7c06f2b9805b1c

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 06 Nov 2020 23:32:07 GMT
server: Apache/2.2.34
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 14862

GET
H2 200 E=ls:load%20CBSi%20js%20file.0,li
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=73/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 96ms
94ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=73/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:load%20CBSi%20js%20file.0,li
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:Super%20Billboard.0
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=78/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 96ms
93ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=78/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:Super%20Billboard.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:hotspots%20collapsed.0
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=98/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 97ms
95ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=98/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:hotspots%20collapsed.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:on%20scroll%20full%20collapse.0
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=99/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 96ms
94ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=99/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:on%20scroll%20full%20collapse.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:custom%20ad%20controls.0
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=101/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 95ms
94ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=101/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:custom%20ad%20controls.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A6AD 0
22 B 41ms
40ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIvUf5vzyFhyo1ayYLuKYeEfNdjbhrdAvoAj8pU-uiCG2Waa7PlV7_CEjXf-2xjfry8LGnSnqlZUOPhvNIIqxvra1a42zk5hwQd53jJLnGNhT9Q1JbxeQMfVhMXAT8A10an3Yjw8kNNSIO2_3a_lU8t9T5A0krFXoRHsB4Xj3a3a-L_fn8LH0p-R8KM8KIa_dfo5W7FUstFPx67nhWrVqObkT8-Po-fQZaZdnvBKv6B5mBiwDAZ51jTVprPR3FCBX-6E9-hAVzeiw&sig=Cg0ArKJSzKO8ogCU9pOPEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=665970228262&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=4&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=41179526&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DF80 54 KB
18 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?183053362

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d04cee2fb125cce02cb0fc527726a4753abde046ec2d5412d318d1765c70ceb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "696 / 112 of 1000 / last-modified: 1605615595"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18261
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A262 0
22 B 38ms
38ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3jiU0-hO5yo6C8g83L_z95uaNSTCL2G8SjiYena3o2yPSyuUdjQe7f1m5P95g2sA5Bcw1LOH1fB4YUeMLUBOg3GI3j1xqNhF-_hyobCYO5HpXZdwd6SSBspLOY7ZAedhB7wHysH6HCxkAvwX8W7g8H6SqsiZ5gs9q4GggkfkGnn7VsFqkd4g6eJ8q0wqmv0856nMtrSmUiuGFd3_B4bDYmq3Y1DEpnpPqWV5FCaaqY2d19exezPZaAj-eNcH-oqj7UOAviQUVwxYdyljq&sig=Cg0ArKJSzCOikzqLaENbEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 28ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=273&fi=0&apd=276&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2753226908&L3id=5526751081&L4id=138329746587&S1id=23605329&S2id=23619609&ord=1605638072456&r=247545460358&t=hdn&os=1&fi2=0&div1=0&ait=135&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A9A3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

44ms
41ms

Image
text/html

2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 17 Nov 2020 18:34:32 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame F154 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 17 Nov 2020 17:46:21 GMT
expires: Wed, 17 Nov 2021 17:46:21 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2891
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 27ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=232838437095&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=5&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=1253724776&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 30ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=96&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=665970228262&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 30ms
30ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=96&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=665970228262&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76DF 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
age: 26734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
server: cafe
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 18 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76DF 295 B
389 B 7ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
age: 72151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
server: cafe
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 17 Nov 2020 22:32:01 GMT

GET
H3-Q050 200 13118476356702453636
tpc.googlesyndication.com/simgad/ Frame A9A3 123 KB
123 KB 10ms
9ms Image
image/gif 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13118476356702453636

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 18:31:54 GMT
x-content-type-options: nosniff
age: 86558
x-dns-prefetch-control: off
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125745
x-xss-protection: 0
last-modified: Wed, 28 Oct 2020 10:19:08 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Nov 2021 18:31:54 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9A3 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:08:58 GMT
x-content-type-options: nosniff
age: 26734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
server: cafe
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 18 Nov 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A9A3 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 16 Nov 2020 22:32:01 GMT
x-content-type-options: nosniff
age: 72151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
server: cafe
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 17 Nov 2020 22:32:01 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 33ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=109&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=665970228262&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 33ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=13&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=232838437095&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 35ms
30ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=13&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=232838437095&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H3-Q050 200 pubads_impl_2020111601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DF80 277 KB
97 KB 90ms
90ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99683
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 09:37:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 30ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13118476356702453636&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=665970228262&rx=799663173974&cu=1605638071511&m=1318&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4832&le=1&lf=43&lg=1&lh=7&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A745%3A745%3A0%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=96&cd=0&ah=96&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=795938850&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 28ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=88&fi=1&apd=176&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=67075449&L2id=2774809331&L3id=5536907755&L4id=138330866815&S1id=23605329&S2id=23619609&ord=1605638072388&r=478491406815&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=88&fi=1&apd=176&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=67075449&L2id=2774809331&L3id=5536907755&L4id=138330866815&S1id=23605329&S2id=23619609&ord=1605638072388&r=478491406815&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 30ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=88&fi=1&apd=176&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=67075449&L2id=2774809331&L3id=5536907755&L4id=138330866815&S1id=23605329&S2id=23619609&ord=1605638072388&r=478491406815&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 E=ls:on%20scroll%20full%20collapse.1
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=408/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 92ms
92ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=408/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=ls:on%20scroll%20full%20collapse.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:32 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

POST
H/1.1 204
No Content /
684dd307.akstat.io/ 0
354 B 116ms
92ms Other
image/gif 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd307.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:287::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 17 Nov 2020 18:34:33 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
DATA 200
OK truncated
/ Frame 1506 801 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 27ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=110&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1605638071511&r=232838437095&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=115&fi=1&apd=203&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=67075449&L2id=2774809331&L3id=5536907755&L4id=138330866815&S1id=23605329&S2id=23619609&ord=1605638072388&r=478491406815&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ff0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-37%2Fhtml%2Fcontainer.html&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=3230&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=232838437095&rx=799663173974&cu=1605638071511&m=1327&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3230&lb=4832&le=1&lf=43&lg=1&lh=7&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A745%3A745%3A0%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13&cd=0&ah=13&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=1056576254&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:32 GMT

GET
H2 200 v4 Show response
btlr.sharethrough.com/ 5 KB
2 KB 171ms
124ms XHR
application/json 3.126.224.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/v4?creative_key=DStupthLuy1iExTUA9KjMLi1iB&placement_key=8ec3a4f3&secure=true
Requested by: Host: native.sharethrough.com
URL: https://native.sharethrough.com/assets/sfp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.224.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-224-165.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 / Express
Resource Hash: a0e96c165b8a891ea6e80f7cb7026f2e54078d9cffe9a62983e8901ad7d35873

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
status: 200
server: nginx/1.18.0
x-powered-by: Express
etag: W/"1321-xzRiZQzqswIlO12A70WmmEyAkBw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
access-control-allow-credentials: true
content-length: 2201

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DF80 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DF80 109 B
150 B 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DF80 17 KB
5 KB 90ms
90ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1677815147298810&correlator=4356509002203641&output=ldjh&impl=fifs&eid=21067995%2C21068776%2C21068418&vrg=2020111601&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201117&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dc%26subses%3D5%26ptype%3Darticle%26vguid%3D0fba2834-a6e2-4c5e-94b6-4200d4238815%7Cenv%3Dprod%26session%3Dc%26subses%3D5%26ptype%3Darticle%26vguid%3D0fba2834-a6e2-4c5e-94b6-4200d4238815&cookie=ID%3De131bde4f12a20e4%3AT%3D1605638071%3AS%3DALNI_MYzK3p2itO8WEAD_bbOlM4p0tNotQ&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1605638073&dt=1605638073013&dlt=1605638072176&idt=823&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=59od4d5s63ih%7Covsicuny0dc0&ifi=1&ifk=884834617&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&dssz=13&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1611330981.1605638073&ga_sid=1605638073&ga_hid=668401695&fws=256%2C256&ohw=0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

976b8a59d8807fbc2a4e27d9b6b15744ae6882aebb724619c9e0da7f8fe17566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4536
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239468731,138239375180
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d872043b835698be376806abe9914757.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame DF80 0
0 55ms
39ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d872043b835698be376806abe9914757.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF80 0
45 B 41ms
40ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq-QT90fiubO-SwmuHsFQjP7rYZ_k9ViCqZSy-WqjLTksstfi7h3y3Fjwxj5WlCrHwNzrWZzdolOlBKU7WwNXYb2XVjZ8oC5wJSrSy1PakTM5kcHIzQXE9ee3o45ZAu5Ja7HOeeAdtb_DCJ_-zs-1k9JC6I7peKj9K6Y2aGzXTp8HdcyzpcvDmv6urq_NuwuhCTxfbsNQmQJz-CXoPpcJ3SJneD5pFglCh-hmjOxktgQPhIH4xRWqI_fBa-vgNaYP-pX_aUIjeHDg&sig=Cg0ArKJSzP8VNio6jN0XEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 16ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=1148853881722571&bg=!0NOl0_PNAAUoamvQKFgH9t_rBEkREAIAAACVUgAAAA1oAQcKAZiwklBUszucoavI64BJVQNkRUhd-RwXUoCxGM7zv4-UkSG6IvAq1_jNNi8dd21JAqhxjWp7sI0QH4fjiagik-DO0b9M1zpGI_vlvN9-2Wqw6nak6XyS0S4w4xyuB9LDgyN4B89X1lN9raVIaWeQF8C2P6aTp1beKrhNjuwyo5kfJ8ERma_1BZF7IM8i1keFwWxPIkzx17GS0RA2hZCDiCXd4zRe7dTPijRiQpB2GCAEAQn-77_PbMoy1Shzm_uR4owS2E3c7Xp-tE3AlrGEHqgN8iYTkAlPnQJvvnCpeskQnvVNGpl0O6Zjfshyp4SphXcrXtz2En1eSMyJNBoVNiyInhvBHkkfoFhsr3DfxMtZK6sxBnYRC8zttxo0Onaw358_LZq0MqCLb73n_tDakOedLIxJcMJnzGEL2FhC4chYEAxltSgt06kfOhEtBqyg5f4-oDV2U-dJG15P-G8MpI4dOa_qix4NzxavBjMAOdhd3vpkzQ-6Rqk1IGqlJJ8-XSmeU3jAa13m1vTa5Me59iOh2WTj-duLoCeZAbYKF-t_YlW9hv5qRkm7dfbh1Ld6XvH7BYLqVPWOsYvSwmBtiSSJnq6HbW2vUWXADVYeBR7usT9gc0rS8-0YIqgMJuDkLt1e52oiHvMFX6Fv54l1Q353ZDZQFC1ZhfMh9x6YxnsSyIfaPebu4z-0I4Ld-BXUJdbFNztHT1me1gGSe5R8VEDGj3rgEGm0Ifd0R4hB9DX1U0xhhuZRUFplodcsHUd_uyJYoXUNxH_SpnBLZ5HTnDXoosEP2v_qLgujxSfWHH1gX2p3ceyVyDCND2CXQUmkGqWsUdvB1g4OMV_W6sNxelceDq4HRCjYZb-aPuEuQw2mT-ztVB3TkLd45yrPw7S5aBBkIIHrvUexkFq-cFUo2157SdKkyX1XqVqKDA5YPS_19Pnyyo2Q63bpmlG1Ii7aUhv4fN-Qn1p0ENHiQrjz_J0ssjcVXq9idQ1tx30sqzG7SQ5RxTei7PPl78wu2jsrvZUJXgzghuTPrmA7vIzkpmY8uypZ1Q1rr1H1p6849srBe6VEkTafWfbkZKUWu722n-ipLabfHRsKC9PuQpfNpgRcsibTOqydUhrmtYRrmAC81kc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 867D 0
0 98ms
97ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstifYrsQt0YAGrpxfFr8lPEaJOcjVH4wF6_RNIXAwgNn6EnfELcf7N-wNK0P_BGSmlTz6X-K5Te3N9x-upSoA-P2qUF2ZEbA0o5z8rZIeP3B2rzlPbZ8MiCYmjaAY7YBWbLxlwA9RkrL121vumJLC2GAfvNkHN4l45Utx-qag5r3ICz4Wp7GP9AEdHwi5IaXFXI7FK0T505MG0MZjavxY5hODUdYvvLPQWbogB9cWWx8q7jdxmaRzNLw2ysUhrvt1ww0dT9TPEb&sig=Cg0ArKJSzB-YcbZNVtOiEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 867D 75 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 867D 320 KB
107 KB 28ms
28ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41317
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47C7 0
0 120ms
119ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMaleXt4_yWuYPYnjYjH17r5HeuwDz8TEQm9kFQwQJrAaM_4EtQz27uUsT8lChIpOmek0uuIlKCykqKF4dFzpDURan_wH01z6GPl7pOFa-VflY7UQgfNPh4skMTLW0K19M28Lr5C0TkqtiknEBueMnAo-N9UnIin4ZroR3Igh3GPHzek4Jq1qUm23wIOYAl8MMIJU3HSEr-jIx7WNdn9Un8e1xGKHEq-eHMnpxG5tXQtPolsHCHX2EaMUaAMpLWaTellQkADIX&sig=Cg0ArKJSzPc3HrzpG-9aEAE&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/E4v3YKq1aj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47C7 75 KB
29 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 47C7 320 KB
107 KB 29ms
29ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 21:24:39 GMT
server: AmazonS3
x-amz-request-id: A1A0B3F940F1DAC9
etag: "6a6dcf414007d90f491fd34c0ded6f44"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=41317
accept-ranges: bytes
content-length: 108768
x-amz-id-2: UR43//usmS5qM1+drhO+VGGwyXg2cnXCFBwLWVAMph1p2VgbAm2TDGDUM47RWoyL9kOfX+yVfbU=

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF80 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605529771095600"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF80 8 KB
7 KB 26ms
26ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b8de45d49e9640d7f22c8450b4d3b4596807e2c9dad306a808d1ba863065406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6616
x-xss-protection: 0

GET
H2 200 Native_-_Article_8.jpg
static.sharethrough.com/creative_workflow/creative_thumbnails/441343/images/original/ 61 KB
61 KB 59ms
57ms Image
image/jpeg 13.224.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sharethrough.com/creative_workflow/creative_thumbnails/441343/images/original/Native_-_Article_8.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-102.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5671e81b67a00fc8d11f854778edf04dcb5aa7ac6328a34bad69fef37a60ec9a

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:26:20 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jun 2020 10:17:28 GMT
server: AmazonS3
age: 494
etag: "08f70f342bf345de6dae21ac3e6026d1"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=600
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 62426
x-amz-cf-id: T-A3MEvgVDZ6V5GKb_Cn5OgxrWJ0Q7Y2A091m3DM59g1D_qCpHTYgw==

GET
H2 200 /
www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/ 64 KB
64 KB 122ms
119ms Image
text/html 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 151750
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Nov 2020 18:22:17 GMT
x-frame-options: SAMEORIGIN
date: Tue, 17 Nov 2020 18:34:33 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: 508fbdc0-6ffd-47a2-872b-85e6b790fce3
content-type: text/html; charset=UTF-8
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Tue, 17 Nov 2020 19:52:17 GMT

GET
H2 200 Native_-_Article_8.jpg
str-assets.imgix.net/creative_workflow/creative_thumbnails/441343/images/original/ 1 KB
2 KB 155ms
155ms Image
image/webp 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://str-assets.imgix.net/creative_workflow/creative_thumbnails/441343/images/original/Native_-_Article_8.jpg?w=170&h=89&auto=format&fit=crop&dpr=1

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e3c9dbaf38b77ca936384790a1fd3896c74b038b6600b0bd30d5f97267a7daf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 18:28:56 GMT
server: imgix
age: 337
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=600
x-imgix-id: 2d7dcc0af2b6110b91829698afd1278b60791bfc
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1534
x-served-by: cache-sjc10021-SJC, cache-fra19161-FRA

GET
H/1.1 200
OK butler
b.sharethrough.com/ 43 B
229 B 93ms
93ms Image
image/gif 52.200.8.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?type=impressionReceived&arid=d-12f19a2e-1b74-4e55-b6e1-e1b329eb4ca6&pkey=8ec3a4f3&supplyId=kuSauEqV&tkey=bqSbBKSUnnhMPViET2buaJ7u&ckey=sfp-DStupthLuy1iExTUA9KjMLi1iB&vkey=DSWvsf6pWFPwLiQh8sJNAQ8YSk&umtime=1605638073130&bootTime=2623.16&benchmarkBoot=119.12500113248825&butlerLatency=192.3&awid=857dfdd4-c7d0-42a0-a76c-edae66bf8ebd&sourceId=sfp&deal_id=undefined&action=clickout&isVast=false&bwidth=1600&bheight=1200&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%252F%253Fes_p%253D12945819&renderEnv=top&version=gc-441-c08c8642-eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.8.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-8-120.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK butler
b.sharethrough.com/ 43 B
229 B 94ms
93ms Image
image/gif 52.200.8.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.sharethrough.com/butler?type=impression&arid=d-12f19a2e-1b74-4e55-b6e1-e1b329eb4ca6&pkey=8ec3a4f3&supplyId=kuSauEqV&tkey=bqSbBKSUnnhMPViET2buaJ7u&ckey=sfp-DStupthLuy1iExTUA9KjMLi1iB&vkey=DSWvsf6pWFPwLiQh8sJNAQ8YSk&umtime=1605638073138&renderLatency=8.245&awid=857dfdd4-c7d0-42a0-a76c-edae66bf8ebd&sourceId=sfp&deal_id=undefined&action=clickout&isVast=false&pwidth=770&pheight=149&pxoff=215&pyoff=2074&twidth=170&theight=89&bwidth=1600&bheight=1200&ploc=https%253A%252F%252Fwww.zdnet.com%252Farticle%252Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%252F%253Fes_p%253D12945819&renderEnv=top&version=gc-441-c08c8642-eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.8.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-8-120.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 17 Nov 2020 18:34:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF80 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111601.js?21068776

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 867D 0
22 B 57ms
57ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvhxlzCGWsyVkzD6cx94IwjUJVQ5b0tynVwTScdIba_ajoqIjssNbc3MUcM8CGFDIfcTMFUNCy1EF22EeoJbFoXg00eb3rEiTneZogrGJdzrXsJBGVGocNAwoa4oSO3iiwaE43vRwrHks1r5ypFrcQ_nVO8KS3cs0kw5vPgkWC5gQY3YOjh8LUvyFDq0nCrzzTb23eAg8u7GhuOJIusNRG9eya1BPfvL42KdBLw_butw0Ha9GyFv3WSdhfWG3Ki_lvgWz5dNW9tIw&sig=Cg0ArKJSzE1vqRJ6J0raEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47C7 0
22 B 47ms
46ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuse1mKEl1ZFYpP3kRIM2yLknJps_sI-3IZvbfCZtwHsasLtcDYC0XDkayLdFlCNORQYvA9FTOLZhyRHnNxAv8N6ft9R6I8NVxKCRAJWIayUlzo43qOevJehJFyjXs9R2FHaSkGFFHcNB_7hVaoU9bGTdUhGmdHVvOeLg4T5oIi39KqqQI5DZ1ILiVmlQrX9R_sx_Fz7lbt8uxDaFmurUzFB9TzVuWaqlZ6bdt-u8KExJXtynErVOGVYBlBmRJkffjMidAtz-P08R0&sig=Cg0ArKJSzMISrkJcOwgTEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 9732 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 17 Nov 2020 17:46:21 GMT
expires: Wed, 17 Nov 2021 17:46:21 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2892
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF80 0
23 B 16ms
16ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111601&jk=1677815147298810&bg=!GBulGzvNAAVGySeIRlhATV-9YrfEpwIAAABZUgAAABFoAQcKAMKV5mWpZ2sNzKxOes5fdFh56WQ_dn04sy3beC06eTgr-fZ8hcrI98ZvvvQiNcRp6o_5jIur4zmx7YgNSpuwyIvVgjIeSGeuFj-uQgdb9yksYy7IxDh9_Ge91SykwNqMOkUKwEYYZ_B7X6fvrbKgzWCRX_zItbmvTZBrOTS3coKsRIlI-IJaP7pYGuCDOjb7aul3vxaBbOr6BU5dLI5Yg6-uOmQxp969wBOhpXNzXvkPTuhlIQOk_TvMT92oPCfsSPs9XpkBvMVNxHy8y595Fy0Il49nQIDT-KWAKG5ZauLLTjsiw08tSJl_kE77MDf51W2uJH-cizrBqW8x3052uXcy0hwyVO65NxnDFYvWS0uRmnA8RSjIMV1XBC5IIUPjQJwsqE_vzt7urPeogl76n_1TUDJklBECTuYWPFW4nWs2233lT1ZuvhgpmLSBtTGPxKmh277jC94E1BrJWHvLdkJ0PYBIixCKYSMvq4DkqR1BkOyLK_Q3dsWXvoGqPk6eCilx9Hl0_7Xi0VwCNfs0XfImV4w4IUOCI2B0ePq8650Bx-OBGYIvR_kk_0vhhmCccwQoIqhGQDANJbGpjm6lRglHrWAvZEl2ywuEm6tjzhfBB3WMLR5Gd2ay0UjyXFwm6cfhGu9iKvDQff71tczofsB-g2CNkWH93wbRcg3RkKmeN3CVTymkPfrOmebdOwU5lgDS8MsxVJy_iizN1rtEIxZUherxt7hewXSPVfG9IVNEXy96nTCw_DeJeJ762I3crOvz0Cb70qPEgJlLTJw9WJQFIy7pCEgT4ViugNXpkXYwvStt7ViodZKcf98QGUm2KObv3oPlZriK5kyKG4ysovPqFg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=104&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2638283940&L3id=5245653073&L4id=138315320936&S1id=23605329&S2id=23619609&ord=1605638072426&r=826117483299&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FT-1000&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 29ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=104&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2638283940&L3id=5245653073&L4id=138315320936&S1id=23605329&S2id=23619609&ord=1605638072426&r=826117483299&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FT-1000&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 28ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=202&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2638283940&L3id=5245653073&L4id=138315320936&S1id=23605329&S2id=23619609&ord=1605638072426&r=826117483299&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=sharethrough-top%3FT-1000&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 E=wi
tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=1046/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/ Frame A262 35 B
136 B 94ms
94ms Image
image/gif 3.227.69.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=1068986/C=105721/P=22/A=105720/L=21/V=23/S=TOaLnfSR/Z=1/I=120.711235.1605638072509/U=www.zdnet.com/T=1046/M=i/D=d/PO=zdnet.com/LO=5536907755/VO=138330866815/E=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.69.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-69-189.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:34:33 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 27ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=894&tet=1092&fi=0&apd=1095&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=51085689&L2id=2753226908&L3id=5526751081&L4id=138329746587&S1id=23605329&S2id=23619609&ord=1605638072456&r=247545460358&t=iv&os=1&fi2=0&div1=1&ait=954&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=top&zMoatPT=article&zMoatSL=mpu-plus-top%3FT-1000&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8D5C 42 B
66 B 15ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCnqas7SJPn6D9cixvbiR5O8umDJueQzYh8Dr3KUEpjMkqBSfyogFSy9a3YVvflRSrNcwMrgpytfme7iqnsYaYrH9wfgohjhue6AUEz30&sig=Cg0ArKJSzNBhMYomrHrIEAE&adk=1925781520&tt=-1&bs=1600%2C1200&mtos=0,1072,1072,1072,1072&tos=0,1072,0,0,0&p=718,1050,1318,1350&mcvt=1072&rs=0&ht=0&tfs=318&tls=1390&mc=0.92&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=3&niot_cbk=311&md=2&btr=0&cpmav=0&lm=2&rst=1605638072273&dlt&rpt=486&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C4956&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1389&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A262 42 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRSCsMtTyFSZsUcG7vIVB0oOZXYCSO_RKPwraeNXcnWyEXBbDkxeMRuAmZhRKp6PgJTbSPP6iKiON3X3LcRwgXgpbWNO62PIqLvMOkA8g&sig=Cg0ArKJSzL7gb2cJwOjeEAE&adk=2072725681&tt=-1&bs=1600%2C1200&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&p=0,0,105,1600&mcvt=1030&rs=0&ht=0&tfs=579&tls=1609&mc=1&lte=-1&bas=0&bac=0&met=ce&avms=nio&niot_obs=417&niot_cbk=479&md=2&btr=0&cpmav=0&lm=2&rst=1605638072109&dlt&rpt=778&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C4956&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1604&is=1600%2C105&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201116

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 76DF 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU6MGQyQoHFl1_y_jqMb1Bx3pGR_408ly3GtRNxvH1Slg1yYj0ErVn8ukiX0HWklwNH4KX9O4nP5b4FyADLb9LBelD8nyLRCovb4o3a-Dg9dva0TPuIUiWLhvDAg&sai=AMfl-YTuG1v5kXxwW5vuGdXioltLVmcrYVTG0ITpuPF9m_pL5dYsxETccN99GZ8VnksOOPu0inAgNgYTXFoZ8rbRBjEsP84Mhg6Ka8JOW-vrQObcD2Y2XzzVAoFm7K5r&sig=Cg0ArKJSzP7b4Pl5m1DiEAE&cid=CAASF-RoSCaxywuamKzEPmt4QPAPeJq7eGaZ&id=ampim&o=315,438&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=248&tls=1248&g=100&h=100&tt=1248&r=v&avms=ampa&adk=3581870410

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
253 B 30ms
29ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1020&tet=1133&fi=1&apd=1221&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=67075449&L2id=2774809331&L3id=5536907755&L4id=138330866815&S1id=23605329&S2id=23619609&ord=1605638072388&r=478491406815&t=iv&os=1&fi2=0&div1=1&ait=704&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatPS=nav&zMoatPT=article&zMoatSL=nav-ad%3FT-1000&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:33 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 29ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=665970228262&rx=799663173974&cu=1605638071511&m=6466&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4956&le=1&lf=43&lg=1&lh=7&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A745%3A745%3A0%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5046&cd=96&ah=5046&am=96&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=536524629&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:37 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
27ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=1050&gp=3230&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=232838437095&rx=799663173974&cu=1605638071511&m=6669&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3230&lb=4956&le=1&lf=43&lg=1&lh=7&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A745%3A745%3A0%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5151&cd=13&ah=5151&am=13&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=634592291&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:38 GMT

POST
H/1.1 200
OK NRJS-04e0f5db0886b3b33ff Show response
bam-cell.nr-data.net/events/1/ 24 B
489 B 150ms
149ms XHR
image/gif 162.247.243.146
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-04e0f5db0886b3b33ff?a=450235099&v=1184.ab39b52&to=ZFMHbUMCXktYWxJZX10ZJFpFCl9WFlkURFlQWgBmQgpeX1Vd&rst=11573&ck=1&ref=https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 17 Nov 2020 18:34:41 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 5f3b8c1b1c870877-CDG
Content-Length: 24
cf-request-id: 067915e4f100000877a0b79000000001

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 33ms
33ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=11&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=11&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=13384738106&rx=799663173974&m=0&ar=a63e245-clean&iw=b2c8261&q=34&cb=0&cu=1605638071511&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A745%3A745%3A0%3A764&fs=186589&na=1496213384&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:41 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:41 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&f=0&j=https%3A%2F%2Ft.co&t=1605638071511&de=665970228262&rx=799663173974&cu=1605638071511&m=11495&ar=a63e245-clean&iw=b2c8261&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4956&le=1&lf=43&lg=1&lh=7&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A745%3A745%3A0%3A764&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10077&cd=5046&ah=10077&am=5046&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=186589&na=2030759243&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 31ms
30ms Image
image/gif 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=1634153949&tf=nMzjG---CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&id=1&ii=4&cm=0&f=0&j=https%3A%2F%2Ft.co%2FE4v3YKq1aj&t=1605638072388&de=478491406815&cu=1605638072388&m=10621&ar=a63e245-clean&iw=6dd421e&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4956&le=1&lf=0&lg=1&lh=249&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A745%3A745%3A1510%3A764&as=1&ag=10188&an=5361&gi=1&gf=10188&gg=5361&ix=10188&ic=10188&ez=1&ck=1133&kw=1020&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10188&bx=5361&ci=1133&jz=1020&dj=1&aa=1&ad=10087&cn=5260&gn=1&gk=10087&gl=5260&ik=10087&co=1032&cp=1020&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10074&cd=5247&ah=10074&am=5247&rf=0&re=1&ft=4831&fv=4831&fw=704&wb=2&cl=0&at=0&d=67075449%3A2774809331%3A5536907755%3A138330866815&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=0fba2834-a6e2-4c5e-94b6-4200d4238815&zMoatSN=c&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=186589&na=1620129929&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Nov 2020 18:34:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 17 Nov 2020 18:34:43 GMT

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.spotify.com/	1970-01-19 14:02:04	Name: sp_landing Value: https%3A%2F%2Fopen.spotify.com%2Fembed-podcast%2Fepisode%2F7Cu2KXWjzqamgiwY2ihAfD
.zdnet.com/	1970-01-19 14:10:42	Name: RT Value: "z=1&dm=zdnet.com&si=193bfde1-3fb8-408f-b1bf-963a3b38c259&ss=khmbg81f&sl=1&tt=15y&bcn=%2F%2F684dd307.akstat.io%2F&ld=162"
.zdnet.com/	1970-01-19 22:46:14	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Nov+17+2020+19%3A34%3A31+GMT%2B0100+(Central+European+Standard+Time)&version=6.7.0&hosts=&consentId=936da832-7787-4cae-94a4-89928a71777c&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Ffbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals%2F%3Fes_p%3D12945819&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 0fba2834-a6e2-4c5e-94b6-4200d4238815
.zdnet.com/	1970-01-19 14:43:50	Name: arrowImpCnt Value: 1
.zdnet.com/	1970-01-19 14:43:50	Name: ugc Value: 1605638071
.zdnet.com/	1970-01-19 14:43:50	Name: arrowImp Value: true
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1970-01-19 14:10:42	Name: fly_device Value: desktop
www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals	1970-01-19 14:01:15	Name: pv Value: 1
.spotify.com/	1970-01-19 15:27:02	Name: sp_t Value: 7e021285e3c3625d24ea8a665566388e
.zdnet.com/	1970-01-19 14:10:42	Name: fly_geo Value: {"countryCode": "de"}
www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22uk%22%2C%22subses%22%3A%225%22%2C%22session%22%3A%22c%22%7D

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 382) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 397) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat_video performance
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Service loaded: script_sourcepoint with class optanon-category-4
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 240) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	(Line 21) Message: Skybox - ClipCentric ::: creative id = 138330866815, pos = nav
console-api	log	(Line 18) Message: GIF/JPG: 138329746587 (300 x 600)
console-api	log	(Line 86) Message: blank creative loaded: 138239338269 (970 x 66, pos=bottom, slot=leader-plus-bottom)
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 39) Message: Sharethrough ::: creative id = 138315320936, pos = top, size = 11x11
console-api	log	(Line 57) Message: %c CBSi Skybox v2.3.015 background:#0080ff; color:#fff; border-radius:2px;
console-api	log	(Line 64) Message: [s] loaded
console-api	log	(Line 64) Message: [s] collapsed
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	URL: https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js(Line 1) Message: %c CBSi Skybox Kit v4.25 background:#369; color:#fff; border-radius:2px;
console-api	log	(Line 64) Message: [s] collapsed
console-api	log	(Line 86) Message: blank creative loaded: 138239468731 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 86) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__1)
console-api	log	URL: https://www.zdnet.com/article/fbi-warning-trickbot-and-ransomware-attackers-plan-big-hit-on-us-hospitals/?es_p=12945819(Line 39) Message: Sharethrough : STR exists, calling STR.Tag.boot

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd307.akstat.io
ad.clipcentric.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
adservice.google.fr
at.cbsi.com
b.sharethrough.com
bam-cell.nr-data.net
btlr.sharethrough.com
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cookielaw.org
clipcentric-a.akamaihd.net
cmg1.cbsistatic.com
confiant-integrations.global.ssl.fastly.net
d872043b835698be376806abe9914757.safeframe.googlesyndication.com
f0d90e3ebc7e9709526048f2b1aae216.safeframe.googlesyndication.com
fiaqj6abeejrukqce3ygyaaaabp3if5x-pwzxv5-5ee19e707-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
js-agent.newrelic.com
kjtbf2yxg5xbcx5uc63q-pwzxv5-96365efd5-clientnsv4-s.akamaihd.net
mb.moatads.com
native.sharethrough.com
open.spotify.com
pagead2.googlesyndication.com
px.moatads.com
rev.cbsi.com
securepubads.g.doubleclick.net
static.sharethrough.com
str-assets.imgix.net
t.co
tpc.googlesyndication.com
tr.clipcentric.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
urs.zdnet.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.summerhamster.com
www.zdnet.com
z.moatads.com
zd.net
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
104.111.216.96
104.244.42.197
13.224.93.101
13.224.93.102
151.101.114.110
151.101.13.194
151.101.193.188
162.247.243.146
172.217.22.38
2.16.177.50
216.58.208.34
23.55.110.17
23.55.110.31
2600:1901:1:c36::
2606:4700:10::6814:b844
2606:4700::6810:9540
2a00:1450:4001:802::2001
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:816::2001
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81b::2004
2a00:1450:4001:81e::200a
2a02:26f0:6c00:181::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a04:4e42:1b::444
2a04:4e42:1b::645
2a04:4e42:31::444
2a04:4e42:3::444
2a04:4e42:3::720
3.126.224.165
3.227.69.189
34.102.213.242
34.251.197.102
52.200.8.120
52.28.196.64
65.9.96.26
67.199.248.13
99.80.114.7
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b10167b8d0ac41c1b681a2cce2977f08c4bb49f3261d7ff2fce60b0e59f7c0
070beb03a0b3c092d13d33b3ed55202f04ebe6063cc924372e49a80ff869a011
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
0844bd3c4baeabefa82df5e7dab5789c384a63f93799d25d325923c87941b79b
09fd1f5916bea81bceed646e6d89e9cd77a525ebf2e1afdadc51987a3441bdcd
0a850817530f89463dbfca39455d6a7b6b88d4b76a92814b6e5b9cea47de8502
0c64eb1e00b75d93ce07756ef8ff9c6ace42c75a22886e52915c9e6a3c4130b6
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f23b5aa801f07d12dc9cba856f397b1327527947a2eae1aa4150ae1567d02cb
167e7c3c736fa71524437138f82e22185f38b626b4f8f92291ae20d6fe5f0518
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1a003bbccafc6432ce46f8ae82ff847e0f87989cccd30669565e6d1a5c962d5b
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
230babd80f98a4c948536c8cc393e120493e14c1aa4ca05d73f9d903108ddff7
286950675b8e86af9da95f8887056bff1c3748b92363028bb3d7a06f8dc1a5b9
2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854
2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
32b42614baf919797af1ba9d02749f940b8a721495dbb37d4ee3b3c7b488d28e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3cbd8800cd1657aa39c91babfe2b8a776cf2ef5deeca144d6b08998f04a02a67
4214ee4c13225eb6a1c420bb6332bb56d1d6932653a12bf1c9794940a2642438
4691d2d9bbf29b666d996e8cb483e60fa6f3e071f1091a57c2b3ac4413216b24
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
48a4765f21602b52a75e68635d658b7146839d5a454e8b98a03d8b62d20d73b7
49d6e6d8f2ee207ca44c8518190e7d11061a6f9c7c0bdeac8645a92b4825d57f
4d665c2f6fc1aeed23cbaace823f8f7ed5100c317fff8917d1b6cc8022fdd231
4dbdcbed018562c656e6c5b5515ef82736596af03d573b06a50951d802f1e725
4ee003b43ec31646ec8162c08e06d98814d9c237c6e119e50b760d9238f8bfe7
5671e81b67a00fc8d11f854778edf04dcb5aa7ac6328a34bad69fef37a60ec9a
602fab312dd82ffb14508d0e186e809e1e27c55a6e62adf5769a9318dc84ce2f
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019
6f61194871255096b51c078ecffd02a93699b2cda3bc71c8c48cea2a5511a5b2
7193a6ae7349709641cdd713db8351d7361ed1ef6bed9ee8fb7631ab4c06453e
72abfb31f44d9d6ae87bfbebfe2e1eef8d44e58bd6f1603c764d029e9bcfae3e
762c54fff1954017241be39342dc63b7efc635bc9975d1caa00b12a22c5e7e36
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7b8de45d49e9640d7f22c8450b4d3b4596807e2c9dad306a808d1ba863065406
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
843150e3e7cb6ca5bdd0906c58e6519a77b619bc8de6c13db08f537edd2ca813
89f4ddedd67e398f49389bd66a498b3b2e608c68cc77e716ae2ede0269824e37
9291d9d87d61a0608d3a6b508cb92fa452e2ad612696a66716201dffdf968927
93b73183052e5573c1684e2e71a66baf2221f33032fea8c28625d91a38b6a974
944edb8b57d8a9f7df23544c0121398c38f5319be2f46928fc4e3a2735183e56
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
976b8a59d8807fbc2a4e27d9b6b15744ae6882aebb724619c9e0da7f8fe17566
9a8d8bb357f997b3f6b98338c9a3e4bf04b17e2b675c23e13a29da1655e59ad4
9b4ca722833450a27d0f22918f250ba5882cadc1af54ac014d7c06f2b9805b1c
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9ce8d3bfed7339952b7f3a4143df2e3867ab6ea6555d95d3bd44087d4f672bd1
9d0d33ff3cbe6054d46a549c75a09323fc711113b82fde575003df837cb9f4e0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a97a5a7dc2b30e9a76ff211332f36d435293c19ed91ca1ad6a66adc1dc50cd
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a0e96c165b8a891ea6e80f7cb7026f2e54078d9cffe9a62983e8901ad7d35873
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
abbe172c2b7dbefee3980f7634ded950b4ee7d635b78468f854f64e1b8aa1b1f
ac9a9e666959ade8b25fadbe232fe74c3a27e5bd5ea139d6a1fd178e2a26ec46
afd1513bdb44089f085888e1cbec14d37d25ec081f9fd8fb9fe98855115b1056
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
ba40fd1884e10a1c53b986d8bd7e9d4ad7396aa7e6c8f8e4a1604c80a5b3a6e5
c269c820bb1f57a535cbc2b61ddbd902ef33364e5fd1f827ecaccbd1831c1d42
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c442ff155dca60045b1a65d836acc2e876fd92ed4ad2e1b61272940530839837
c6637b899589b2adf195e72aec7fda7985cfb382a7b129acf242a22984d9a380
c9134a191c170e5812281354ac99696427919091074235e13cc4d251b6bf3145
cac0bff393b7185cc80dc8e9ea02ee73005729e4515115fdaec12f8bd87f7c26
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
ce0f12757c602e467e0ba992fe21d50f108ae3572b79b8c48a7c00bbf285abee
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d04cee2fb125cce02cb0fc527726a4753abde046ec2d5412d318d1765c70ceb4
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d647677a813dde40b27e0bcf582d72e2bc89f8a8127426e48684fff64156b0af
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dfc9406a623938ac69670411f1f627e7c19cf9ebfc0715921c07a76fe53023e6
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c9dbaf38b77ca936384790a1fd3896c74b038b6600b0bd30d5f97267a7daf2
e6e583553cbb5a7bdf3446558cdf29802cda247ce1d63693633b3d74eb749d8e
e78292682bf2d0e07b972e0f67cdf7873510ec20c4723b3ae032476c192ed463
e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
eb7edc6afafbfc1e04bdaec2b959c0b3f8c2f96cff74ed9e865e96e4657f5f1b
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f1e3d87e5966b1193f8e51bec035a9de6de1c02243deb8f2b9bd280a67715112
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f70b6824d3c81ae7816f1ebdd73a3a7e1cca7975a7e5b2baaf2ef3bd5de2df96
f93b7f8bfe83053a825253196d0ea1eb82890abaca9265952abaf2310e37e540
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:3::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

198 Requests

100 %HTTPS

48 %IPv6

30 Domains

53 Subdomains

39 IPs

5 Countries

3571 kBTransfer

10145 kBSize

14 Cookies

28 Outgoing links

Page URL History

Redirected requests

198 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:3::444 Public Scan

Screenshot
Live screenshot

Full Image

198
Requests

100 %
HTTPS

48 %
IPv6

30
Domains

53
Subdomains

39
IPs

5
Countries

3571 kB
Transfer

10145 kB
Size

14
Cookies

198 HTTP transactions
15 data transactions