URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Submission: On June 11 via manual from CA

Summary

This website contacted 63 IPs in 9 countries across 45 domains to perform 228 HTTP transactions. The main IP is 148.251.128.74, located in Germany and belongs to HETZNER-AS, DE. The main domain is wccftech.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 18th 2020. Valid for: 3 months.
This is the only time wccftech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 148.251.128.74 24940 (HETZNER-AS)
3 2a00:1450:400... 15169 (GOOGLE)
18 78.46.98.130 24940 (HETZNER-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 13.225.73.116 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
3 104.111.231.145 16625 (AKAMAI-AS)
1 2.18.234.163 16625 (AKAMAI-AS)
1 13.224.198.97 16509 (AMAZON-02)
1 151.139.128.11 20446 (HIGHWINDS3)
1 143.204.95.142 16509 (AMAZON-02)
4 151.101.112.134 54113 (FASTLY)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
3 13.224.199.29 16509 (AMAZON-02)
1 1 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
2 4 35.244.159.8 15169 (GOOGLE)
1 185.86.138.78 201081 (SMARTADSE...)
1 178.162.133.150 60781 (LEASEWEB-...)
1 72.251.249.14 29791 (VOXEL-DOT...)
1 185.33.220.244 29990 (ASN-APPNEX)
14 69.173.144.141 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2.18.234.21 16625 (AKAMAI-AS)
2 2a03:2880:f03... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
33 216.58.210.2 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
3 35.190.91.160 15169 (GOOGLE)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 52.46.141.211 16509 (AMAZON-02)
3 52.5.148.243 14618 (AMAZON-AES)
1 3 104.111.238.139 16625 (AKAMAI-AS)
1 4 104.111.224.209 16625 (AKAMAI-AS)
1 1 52.30.27.50 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 34.237.225.201 14618 (AMAZON-AES)
1 1 2a00:1450:400... 15169 (GOOGLE)
4 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.0.134 54113 (FASTLY)
1 54.77.157.39 16509 (AMAZON-02)
1 35.190.40.172 15169 (GOOGLE)
2 2a03:2880:f13... 32934 (FACEBOOK)
1 216.58.212.166 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 35.244.246.232 15169 (GOOGLE)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.48 60068 (CDN77)
1 52.94.237.66 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 18.196.217.48 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
2 2 34.253.109.165 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 13.224.198.18 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 172.217.18.162 15169 (GOOGLE)
1 54.172.13.155 14618 (AMAZON-AES)
1 104.111.245.241 16625 (AKAMAI-AS)
1 34.255.89.80 16509 (AMAZON-02)
1 151.101.114.133 54113 (FASTLY)
1 23.43.114.84 20940 (AKAMAI-ASN1)
228 63
Apex Domain
Subdomains
Transfer
40 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
173 KB
35 googlesyndication.com
4d8103fb21d776cb7a874fb3c68381c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
139 KB
21 wccftech.com
wccftech.com
cdn.wccftech.com
848 KB
16 ampproject.org
cdn.ampproject.org
328 KB
14 rubiconproject.com
fastlane.rubiconproject.com
24 KB
11 skimresources.com
s.skimresources.com
r.skimresources.com
t.skimresources.com
p.skimresources.com
x.skimresources.com
25 KB
9 zdbb.net
cdn.static.zdbb.net
ns.zdbb.net
gurgle.zdbb.net
jogger.zdbb.net
zdbb.net
26 KB
7 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
api.skimlinks.mgr.consensu.org
vendorlist.consensu.org
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
159 KB
7 amazon-adsystem.com
z-na.amazon-adsystem.com
c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
fls-na.amazon-adsystem.com
45 KB
6 gstatic.com
fonts.gstatic.com
63 KB
6 disqus.com
wccftech.disqus.com
disqus.com
referrer.disqus.com
31 KB
5 google.com
adservice.google.com
www.google.com
1 KB
4 openx.net
pubgalaxy-d.openx.net
eu-u.openx.net
us-u.openx.net
1 KB
4 google-analytics.com
www.google-analytics.com
18 KB
3 exelator.com
loadeu.exelator.com
load77.exelator.com
2 KB
3 disquscdn.com
c.disquscdn.com
219 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 postrelease.com
jadserve.postrelease.com
2 KB
3 traq.li
api.traq.li
13 KB
3 upapi.net
mrb.upapi.net
backend.upapi.net
215 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1016 B
2 facebook.com
www.facebook.com
340 B
2 imrworldwide.com
secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
7 KB
2 google.de
adservice.google.de
www.google.de
1 KB
2 facebook.net
connect.facebook.net
160 KB
2 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
2 googletagservices.com
www.googletagservices.com
42 KB
2 cloudfront.net
dsh7ky7308k4b.cloudfront.net
98 KB
1 bluekai.com
stags.bluekai.com
1 krxd.net
cdn.krxd.net
385 B
1 bkrtx.com
tags.bkrtx.com
11 KB
1 ad-delivery.net
ad-delivery.net
631 B
1 adsafeprotected.com
pixel.adsafeprotected.com
1 KB
1 pcmag.com
g.pcmag.com
265 B
1 casalemedia.com
as-sec.casalemedia.com
986 B
1 pubmatic.com
hbopenbid.pubmatic.com
113 B
1 adnxs.com
ib.adnxs.com
1 KB
1 lijit.com
ap.lijit.com
724 B
1 sonobi.com
apex.go.sonobi.com
698 B
1 smartadserver.com
prg.smartadserver.com
1 KB
1 sharethrough.com
native.sharethrough.com
120 KB
1 ntv.io
s.ntv.io
94 KB
1 nsstatic.com
cdn.nsstatic.com
99 KB
1 videoplayerhub.com
pubgalaxy-com.videoplayerhub.com
26 KB
228 45
Domain Requested by
33 securepubads.g.doubleclick.net www.googletagservices.com
cdn.nsstatic.com
securepubads.g.doubleclick.net
wccftech.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
wccftech.com
cdn.ampproject.org
tpc.googlesyndication.com
18 cdn.wccftech.com wccftech.com
s.skimresources.com
16 cdn.ampproject.org securepubads.g.doubleclick.net
14 fastlane.rubiconproject.com wccftech.com
6 pagead2.googlesyndication.com wccftech.com
securepubads.g.doubleclick.net
6 fonts.gstatic.com wccftech.com
s.skimresources.com
securepubads.g.doubleclick.net
4 www.google.com 4 redirects
4 cdn.static.zdbb.net 1 redirects wccftech.com
cdn.static.zdbb.net
4 www.google-analytics.com 1 redirects wccftech.com
3 googleads.g.doubleclick.net wccftech.com
3 c.disquscdn.com wccftech.disqus.com
3 sb.scorecardresearch.com 1 redirects cdn.nsstatic.com
wccftech.com
3 jadserve.postrelease.com s.ntv.io
wccftech.com
3 api.traq.li wccftech.com
cdn.wccftech.com
3 p.skimresources.com wccftech.com
3 t.skimresources.com wccftech.com
s.skimresources.com
3 c.amazon-adsystem.com wccftech.com
c.amazon-adsystem.com
3 wccftech.disqus.com wccftech.com
wccftech.disqus.com
3 fonts.googleapis.com wccftech.com
securepubads.g.doubleclick.net
3 wccftech.com wccftech.com
2 cm.g.doubleclick.net 2 redirects
2 eu-u.openx.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 loadeu.exelator.com 2 redirects
2 x.skimresources.com 2 redirects
2 www.facebook.com wccftech.com
connect.facebook.net
2 disqus.com wccftech.disqus.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 gurgle.zdbb.net wccftech.com
cdn.static.zdbb.net
2 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
wccftech.com
2 r.skimresources.com 1 redirects wccftech.com
2 mrb.upapi.net pubgalaxy-com.videoplayerhub.com
mrb.upapi.net
2 connect.facebook.net wccftech.com
connect.facebook.net
2 www.googletagservices.com wccftech.com
securepubads.g.doubleclick.net
2 dsh7ky7308k4b.cloudfront.net wccftech.com
1 stags.bluekai.com tags.bkrtx.com
1 cdn.krxd.net cdn.static.zdbb.net
1 zdbb.net
1 tags.bkrtx.com cdn.static.zdbb.net
1 jogger.zdbb.net cdn.static.zdbb.net
1 us-u.openx.net wccftech.com
1 referrer.disqus.com wccftech.com
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 4d8103fb21d776cb7a874fb3c68381c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 backend.upapi.net mrb.upapi.net
1 apis.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 fls-na.amazon-adsystem.com wccftech.com
1 load77.exelator.com wccftech.com
1 ad-delivery.net wccftech.com
1 ad.doubleclick.net wccftech.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 pixel.adsafeprotected.com cdn.nsstatic.com
1 www.google.de wccftech.com
1 stats.g.doubleclick.net 1 redirects
1 ns.zdbb.net cdn.nsstatic.com
1 cdn-gl.imrworldwide.com wccftech.com
1 secure-us.imrworldwide.com 1 redirects
1 g.pcmag.com cdn.nsstatic.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 as-sec.casalemedia.com wccftech.com
1 hbopenbid.pubmatic.com wccftech.com
1 ib.adnxs.com wccftech.com
1 ap.lijit.com wccftech.com
1 apex.go.sonobi.com wccftech.com
1 prg.smartadserver.com wccftech.com
1 pubgalaxy-d.openx.net wccftech.com
1 mug.criteo.com wccftech.com
1 gum.criteo.com 1 redirects
1 quantcast.mgr.consensu.org wccftech.com
1 z-na.amazon-adsystem.com wccftech.com
1 s.skimresources.com wccftech.com
1 native.sharethrough.com wccftech.com
1 s.ntv.io wccftech.com
1 cdn.nsstatic.com wccftech.com
1 pubgalaxy-com.videoplayerhub.com wccftech.com
228 78

This site contains links to these domains. Also see Links.

Domain
cdn.wccftech.com
blogs.technet.microsoft.com
www.eset.com
twitter.com
www.facebook.com
www.youtube.com
Subject Issuer Validity Valid
wccftech.com
Let's Encrypt Authority X3
2020-04-18 -
2020-07-17
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-04-21 -
2020-10-09
6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
ziffdavis.com
DigiCert SHA2 Secure Server CA
2020-05-13 -
2021-08-12
a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2019-11-18 -
2021-02-16
a year crt.sh
*.sharethrough.com
Amazon
2019-10-07 -
2020-11-07
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years crt.sh
z-na.amazon-adsystem.com
Amazon
2020-01-09 -
2021-02-09
a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-05-09
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
quantcast.mgr.consensu.org
Amazon
2020-05-22 -
2021-06-22
a year crt.sh
c.amazon-adsystem.com
Amazon
2019-10-07 -
2020-09-29
a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
*.smartadserver.com
DigiCert Global CA G2
2020-02-03 -
2022-02-03
2 years crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2019-02-01 -
2021-02-04
2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2020-03-11 -
2021-05-10
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-05-14 -
2020-08-05
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
*.google.de
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
*.google.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon
2019-12-03 -
2020-11-13
a year crt.sh
*.postrelease.com
Amazon
2020-02-28 -
2021-03-28
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-06-02 -
2021-06-02
a year crt.sh
www.ziffdavis.com
DigiCert SHA2 Extended Validation Server CA
2020-02-18 -
2022-05-19
2 years crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2020-01-21 -
2021-02-24
a year crt.sh
*.zdbb.net
Amazon
2020-06-03 -
2021-07-03
a year crt.sh
www.google.de
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
fw.adsafeprotected.com
Amazon
2020-03-14 -
2021-04-14
a year crt.sh
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2019-10-04 -
2021-10-07
2 years crt.sh
*.doubleclick.net
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2020-06-09 -
2020-09-07
3 months crt.sh
fls-na.amazon-adsystem.com
Amazon
2019-12-31 -
2020-12-24
a year crt.sh
vendorlist.consensu.org
Amazon
2020-02-07 -
2021-03-07
a year crt.sh
*.upapi.net
Let's Encrypt Authority X3
2020-04-25 -
2020-07-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2020-05-20 -
2020-08-12
3 months crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA
2020-02-28 -
2021-05-29
a year crt.sh
cdn.krxd.net
DigiCert SHA2 Secure Server CA
2020-03-05 -
2021-03-06
a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-04-14 -
2021-04-10
a year crt.sh

This page contains 23 frames:

Primary Page: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Frame ID: 7551F21D96939FDD558852452268D93F
Requests: 152 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.1248466226936833
Frame ID: 0898753635F4BE6DD5C8C867A9684455
Requests: 3 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Frame ID: D5A2D24E22D54E7CCD689FFFC968DA47
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=wccftech&t_i=794903%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D794903&t_u=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&t_d=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&t_t=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&s_o=default
Frame ID: B4806A65DBFAAA016D2EC6DCD10177B7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 3854CFE89D33B6EEDCA322139CA926E7
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: DCDDCCC99148ADB29450BB1C45E6F886
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: AA37CD92DB0BA1119D1F4D8B0DF1A751
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: E3D649CC3F9791D23C44EE98F72EAB9C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: B2322FEA0B2C2C93525426431B736DE5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 1D22A34F6CE727ABE2113ED54CD42842
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 411B79CE9B6FF2CDD6FF705C48C766A6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 7EEB1AACB1468C76FEA570E0672B5748
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: D57B86B00F35587A2228F65E88363D4B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 699CC7032DE9EA34BCC439E1BCEB33AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: A116B325FAB029C033C7974537893F42
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 678DF64E5150900D68DAAE64A90B384B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: E0BD22FB1F29B3855CA1C113AE6CA19A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: AC4E6B3292979A2BBA7EC2D292235D53
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: BC61C1CC8CB4C8FCA28791F0327A38B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 51690E7B5B283337293DA01C2E484677
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/simgad/1153452811013376518
Frame ID: 8F04367A5EC2B041EB8D3C61CE3A5E64
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 870503CA6A9924597180BFD6343452BC
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dwccftech.com&phint=referer%3Dhttps%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&phint=bbseg%3D1100034&phint=bbseg%3D1100037&phint=bbseg%3D900111&phint=bbseg%3D6929&phint=bbseg%3D900115&phint=bbseg%3D6816&phint=bbseg%3D6817&phint=bbseg%3D900002&phint=bbseg%3D6819&phint=bbseg%3D6947&phint=bbseg%3D6821&phint=bbseg%3D900003&phint=bbseg%3D6823&phint=bbseg%3D6825&phint=bbseg%3D1100077&phint=bbseg%3D6833&phint=bbseg%3D6834&phint=bbseg%3D900018&phint=bbseg%3D6837&phint=bbseg%3D6845&phint=bbseg%3D1100095&phint=bbseg%3D6848&phint=bbseg%3D6850&phint=bbseg%3D900164&phint=bbseg%3D900041&phint=bbseg%3D900169&phint=bbseg%3D900049&phint=bbseg%3D6886&phint=bbseg%3D900200&phint=bbseg%3D6889&phint=bbseg%3D6894&phint=__bk_t%3DMicrosoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&phint=__bk_v%3D3.1.5&limit=10&r=45843478
Frame ID: 6D8EE75441ED08E437652513E322415A
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

228
Requests

95 %
HTTPS

33 %
IPv6

45
Domains

78
Subdomains

63
IPs

9
Countries

2996 kB
Transfer

7138 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwccftech.com%2F&domain=wccftech.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=yoxA0HxoSTgzVnJGVFYzN2FzY29ETDFmazNJYk5ZaVBoUi9ORkcyUmcyYWVvOCtaaW1HOUFRR3NiVHE0TzMzSWNNMWg2R0VleG9OVkxrbHF0cTlPUkg1T1dZcm4xMEVnRkoyMlp6cXMvTUhDbVdudEl3M2JlbGVRL1Jhd3lQSW5Wd3NLZmovZzQ3cHI3OHJGM3E1eU45WmZDNWZpOTZHRkFQK1BMUHJqdlpDSW5IUWhGSjhIVUtZWTlKTlBHczdDQm1saWlkWEdKam5aejQ1QWx4OXQ2bHJ6TnNCSjNPdUh4NDVZQ3dXYmF4N2w2UHM4PXw&cppv=2
Request Chain 65
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01EAGQS7087ATPYVF23MSBQ6QP&persistence=1&checksum=67211e547e8d77413dc671393c60253bd562dbe65b2458c82e0b527cd45f3793
Request Chain 74
  • https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
  • https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Request Chain 75
  • https://secure-us.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 80
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=791069950&t=pageview&_s=1&dl=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ul=en-us&de=UTF-8&dt=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=818063027&gjid=1553890694&cid=316466064.1591847198&tid=UA-3244067-1&_gid=1120779103.1591847198&_r=1&cd1=Rafia%20Shaikh&cd2=Industry%2CInternet%2CNews%2CSecurity&cd3=1512465397&cd4=post&cd8=Security&cd5=normal&z=513130348 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_gid=1120779103.1591847198&gjid=1553890694&_v=j82&z=513130348 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348&slf_rd=1&random=1300288036
Request Chain 94
  • https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&c9=&cs_ak_ss=1
Request Chain 102
  • https://x.skimresources.com/?provider=exelate HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 112
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343 HTTP 302
  • https://p.skimresources.com/?provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343&skim_mapping=true
Request Chain 218
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 219
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 220
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 230
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDRFasMPskmmtCA16It3llw&google_cver=1

228 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wccftech.com/microsoft-fbi-shut-andromeda-botnet/
678 KB
386 KB
Document
General
Full URL
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.128.251.148.clients.your-server.de
Software
nginx /
Resource Hash
3759503231bb02182792f15178222438d49df7307025cd0b7818c421f7380a44

Request headers

:method
GET
:authority
wccftech.com
:scheme
https
:path
/microsoft-fbi-shut-andromeda-botnet/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 11 Jun 2020 03:46:36 GMT
content-type
text/html; charset=UTF-8
link
<https://wccftech.com/wp-json/>; rel="https://api.w.org/" <https://wccftech.com/?p=794903>; rel=shortlink
vary
Accept-Encoding, Cookie, User-Agent
last-modified
Wed, 10 Jun 2020 15:52:23 GMT
x-presslabs-stats
MISS; 0.061s; 8 queries; desktop; ttl 86400s; refresh in 43547s
content-encoding
gzip
x-request-id
e748bd7461287caeea544ef26bef072d
css
fonts.googleapis.com/
10 KB
984 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:400,500|Open+Sans:400,700
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ecb77538949b64f9a16422a41e21694d93b94a840ad6d76fcfc4b971660f8ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 03:46:36 GMT
server
ESF
date
Thu, 11 Jun 2020 03:46:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jun 2020 03:46:36 GMT
style.css
cdn.wccftech.com/wp-content/themes/wccf2016/
42 KB
11 KB
Stylesheet
General
Full URL
https://cdn.wccftech.com/wp-content/themes/wccf2016/style.css?ver=1591242909
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
fbd3a1f0d2ceb7b0416c62e29e932c1d774dcd45e0f35857d1aa1415b2bf8b97

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:36 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-a769"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f3bd113d42560e10a4bdc796aef6d834
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-single.css
cdn.wccftech.com/wp-content/themes/wccf2016/
49 KB
13 KB
Stylesheet
General
Full URL
https://cdn.wccftech.com/wp-content/themes/wccf2016/style-single.css?ver=1591242909
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
ecc44ea066e591e5c4a6a40b78a52a2d2201e07969af1c671b622cb1117ff8f8

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:36 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-c39b"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
f3bd113d42560e10a4bdc796aef6d834
expires
Thu, 31 Dec 2037 23:55:55 GMT
gallery.js
pubgalaxy-com.videoplayerhub.com/
108 KB
26 KB
Script
General
Full URL
https://pubgalaxy-com.videoplayerhub.com/gallery.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f224aee42f316c78aedfb5947c6676ab83f1f2f3edc4cefa79c80cc2fb4f0242

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
307
x-cache
Miss from cloudfront
status
200
content-encoding
br
content-type
application/javascript
cf-request-id
034315b2910000074217167200000001
last-modified
Wed, 10 Jun 2020 21:40:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
bF0FG27lcGHtaYEn0Rgfi4d.xix7AFNM
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
cf-ray
5a1858974bd10742-FRA
x-amz-cf-id
0lF40ceKOrK0Mmo3kBr772f8HApirU35mdI-_omMbc_jnMjb8ZQ3aw==
wccftechcom.min.js
dsh7ky7308k4b.cloudfront.net/publishers/
217 KB
90 KB
Script
General
Full URL
https://dsh7ky7308k4b.cloudfront.net/publishers/wccftechcom.min.js?v3
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0e44e6f90a843c471084a47ad33fbd4e6bd1e0a39b7f690ebfab937c141c092

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:25:07 GMT
content-encoding
gzip
age
1290
x-cache
Hit from cloudfront
status
200
x-amz-meta-mode
33261
last-modified
Thu, 14 May 2020 08:15:22 GMT
server
AmazonS3
x-amz-meta-uid
1004
vary
Accept-Encoding
x-amz-meta-gid
1004
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
0mkwnk8PK08McUfvtgiSYapoJbgyZV3Fdavy6T6kO84odC878Sa3CQ==
x-amz-meta-mtime
1589444121
gpt.js
www.googletagservices.com/tag/js/
43 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee25ff7072bb91c1e6eaee9a51a6fa0bbc0f0b6973f1283bed98d15bf3377b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 288 of 1000 / last-modified: 1591819533"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
14513
x-xss-protection
0
expires
Thu, 11 Jun 2020 03:46:37 GMT
wccftech.com.js
cdn.nsstatic.com/ns/
318 KB
99 KB
Script
General
Full URL
https://cdn.nsstatic.com/ns/wccftech.com.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.231.145 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e442e3b7e78c93f1e7440e6ca120b1ab069160e4524fd6e0e6a932762ce32503

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
kxzZxnkFIGStyeXPuRCxwq3HUsJH0obZ
content-encoding
gzip
last-modified
Thu, 21 May 2020 10:55:53 GMT
x-amz-request-id
A3988CBD556D1B20
date
Thu, 11 Jun 2020 03:46:37 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3079
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
100585
x-amz-id-2
+20DBYYhxuQqw2pbvi7cTRRG5Sp1dteOdL+Ln2A7F+CNalmTj+CrRXlA4MeHYFnC/swDOjWI1WA=
expires
Thu, 11 Jun 2020 04:37:56 GMT
load.js
s.ntv.io/serve/
319 KB
94 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
697826ee0c6874562a5f151f0352e0b25208eed7bad2e744b14d7433802a4c82

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
x-amz-request-id
A3A5F59FBECD3A24
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
BlIvcFYsyIh42FhzVAs1KLUg1BAB+fdurV6I6uem9rX60qu5S8gtkUjJh+DzDHSyRojXg27i2cs=
Last-Modified
Thu, 11 Jun 2020 00:58:38 GMT
Server
AmazonS3
ETag
"2e6eec243c8c11812618abce081077dd"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sfp.js
native.sharethrough.com/assets/
423 KB
120 KB
Script
General
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.198.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90148091592b65c71378d6b4e65fdfdc3d870c8754fb8f83f7c33ab771488808

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:06:03 GMT
content-encoding
gzip
age
2434
x-cache
Hit from cloudfront
status
200
x-amz-request-id
CF4C74BBACB34890
x-amz-id-2
LwA5z5McGIbiVXEVTa1EAHqQZyVJg6bFn5oCoJ4EDb0fd+QuQ1AWV+oyknlzIoSqJIeHWru9P9w=
last-modified
Tue, 09 Jun 2020 19:05:32 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
QmEWc2FdD_rQhYDHSmqXuHw6-cB9VRd2NCTWbj-6K4IS6dMAJ_Ljuw==
expires
Tue, 09 Jun 2020 20:05:30 GMT
gamarue-botnet-740x352.png
cdn.wccftech.com/wp-content/uploads/2017/12/
201 KB
202 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2017/12/gamarue-botnet-740x352.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
4d925092717cd45e755be127349de89186b0a879f3f29f0f77172d63f51c173e

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 14:10:19 GMT
server
nginx
etag
W/"5a26a8cb-324e0"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-request-id
08c17b14a0251d139e0cde8b346a190c
expires
Thu, 31 Dec 2037 23:55:55 GMT
andromeda-.png
cdn.wccftech.com/wp-content/uploads/2017/12/
159 KB
124 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2017/12/andromeda-.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
8748bb17bd7f25416d4e476a16f59ab106fbb759ac55647383e48a1dd7458315

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 14:21:32 GMT
server
nginx
etag
W/"5a26ab6c-27d6a"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-request-id
08c17b14a0251d139e0cde8b346a190c
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
322 B
339 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM+Serif+Text&display=swap&text=GET%20A%20DAILY%20DIGEST%20OF%20LATEST%20TECHNOLOGY%20NEWS
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4e1b5e4db91e64909e29b8fadf3d1f6b7eccb0cec39b05d70f47c0ba53742953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 03:46:36 GMT
server
ESF
date
Thu, 11 Jun 2020 03:46:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jun 2020 03:46:36 GMT
vpnfilter-fbi-240x135.jpg
cdn.wccftech.com/wp-content/uploads/2018/06/
5 KB
5 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2018/06/vpnfilter-fbi-240x135.jpg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
72166cc8c1ea2799099c8fd74599445a76ef623744026109a7930624f6d182f5

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Thu, 07 Jun 2018 03:22:41 GMT
server
nginx
etag
"5b18a501-1248"
x-presslabs-cache
REVALIDATED
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
4680
x-request-id
08c17b14a0251d139e0cde8b346a190c
expires
Thu, 31 Dec 2037 23:55:55 GMT
wifi-security-240x135.jpg
cdn.wccftech.com/wp-content/uploads/2017/10/
6 KB
7 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2017/10/wifi-security-240x135.jpg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
f16e8a90e2ad605c4bc7aeaaeebcb9599109683f1cef3983d836efd792041c92

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Mon, 16 Oct 2017 17:16:25 GMT
server
nginx
etag
"59e4e969-19f5"
x-presslabs-cache
REVALIDATED
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
6645
x-request-id
7bc87fde26cec5743ce03d7f3ee0c3e5
expires
Thu, 31 Dec 2037 23:55:55 GMT
github-attack-240x135.jpg
cdn.wccftech.com/wp-content/uploads/2018/03/
5 KB
5 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2018/03/github-attack-240x135.jpg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
a04dedbcaf16c5b0c3cb14f698c571f26a66d77de964d5e9704e2ba1a4f6724b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Thu, 01 Mar 2018 16:57:13 GMT
server
nginx
etag
"5a9830e9-141e"
x-presslabs-cache
REVALIDATED
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
5150
x-request-id
7bc87fde26cec5743ce03d7f3ee0c3e5
expires
Thu, 31 Dec 2037 23:55:55 GMT
mirai-ddos-attack-240x135.jpg
cdn.wccftech.com/wp-content/uploads/2016/10/
7 KB
8 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2016/10/mirai-ddos-attack-240x135.jpg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
90ea7ba6aad2b8b419d80b83c476e1fbe366622520507ca3bc220b9708905ab7

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Mon, 29 May 2017 05:00:10 GMT
server
nginx
etag
"592baada-1d19"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
7449
x-request-id
78a2dec675da70e468a4cb98e42dc9d5
expires
Thu, 31 Dec 2037 23:55:55 GMT
monero-mining-240x135.jpg
cdn.wccftech.com/wp-content/uploads/2017/09/
5 KB
6 KB
Image
General
Full URL
https://cdn.wccftech.com/wp-content/uploads/2017/09/monero-mining-240x135.jpg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
9ac54d88b287834c99569e9f5e39c1bf87303abf3dead128f20b88e971b783f6

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Thu, 28 Sep 2017 23:00:10 GMT
server
nginx
etag
"59cd7efa-15c8"
x-presslabs-cache
MISS
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
content-length
5576
x-request-id
76b2eb13ec4e6047da80a609133d4a1a
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
cdn.wccftech.com/wp-content/themes/wccf2016/
169 KB
57 KB
Script
General
Full URL
https://cdn.wccftech.com/wp-content/themes/wccf2016/script.js?ver=1591242909
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
3edae50a98ecc613226e64badf66c9641c26e5451af4fc0618ee6d5b5c140533

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-2a499"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
c6aadd0ad295993696c77f1b60afaa4e
expires
Thu, 31 Dec 2037 23:55:55 GMT
footer.js
cdn.wccftech.com/wp-content/themes/wccf2016/
12 KB
3 KB
Script
General
Full URL
https://cdn.wccftech.com/wp-content/themes/wccf2016/footer.js?ver=1591770035
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
b05cd38e97f33c84092d4d31c3e0427d5d86ac8f48f0c102678d5704bb4891ba

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 06:20:35 GMT
server
nginx
etag
W/"5ee07bb3-30ba"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
3fb075e82a7f461f87c92f16d46cbf2f
expires
Thu, 31 Dec 2037 23:55:55 GMT
31026X886738.skimlinks.js
s.skimresources.com/js/
59 KB
22 KB
Script
General
Full URL
https://s.skimresources.com/js/31026X886738.skimlinks.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85931e517e6710d635a90e749e109df46f53707eae53ccbaf9c4c6a79fcb7b2f

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Wed, 03 Jun 2020 11:55:26 GMT
server
AmazonS3
x-amz-request-id
2A58458A21AA5731
etag
"f9c54923ab49afadd662ebd563cc667b"
x-hw
1591847197.cds014.am5.hn,1591847197.cds003.am5.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
22469
x-amz-id-2
S6GDKBsNZ2PZWWbLo+qKMPh+j7kXf0ErC85zRzlvjWHlHI/aLobTh9fZKSmz7Ratz6OIfQxwoJQ=
onejs
z-na.amazon-adsystem.com/widgets/
22 KB
8 KB
Script
General
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=54373194-91c7-4e61-b9a0-12cad6711106
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.95.142 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-142.fra50.r.cloudfront.net
Software
Server /
Resource Hash
b98d4ecc129cf6bff775d789e04d479a9b3117820e77d01ebd645fb5179ec494

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 05:09:38 GMT
content-encoding
gzip
age
81419
x-cache
Hit from cloudfront
status
200
content-length
7327
pragma
Public
access-control-allow-origin
*
server
Server
content-type
application/javascript;charset=UTF-8
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lZXs9ftoskXWvnAMOP5xaTxRD7jCkLnkDjSj2Onm2z_Nj75WYbQqMg==
expires
Wed, 10 Jun 2020 05:14:38 GMT
count.js
wccftech.disqus.com/
1 KB
1 KB
Script
General
Full URL
https://wccftech.disqus.com/count.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
2182003
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 May 2020 22:44:25 GMT
Server
nginx
ETag
"5ebb26c9-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
wccftechcom-single.min.js
dsh7ky7308k4b.cloudfront.net/autoads/
26 KB
8 KB
Script
General
Full URL
https://dsh7ky7308k4b.cloudfront.net/autoads/wccftechcom-single.min.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.116 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9048a9793b31701e9a90d37f03b7b74d4ec97f07498913582d69e804ce454c4

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:08:15 GMT
content-encoding
gzip
age
2302
x-cache
Hit from cloudfront
status
200
x-amz-meta-mode
33188
last-modified
Tue, 17 Sep 2019 11:08:10 GMT
server
AmazonS3
x-amz-meta-uid
1004
vary
Accept-Encoding
x-amz-meta-gid
1004
via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
flpGcMS9slV1G17QV9m0H4ohgE39Sp9QajANHR9rMdya877g1liyJw==
x-amz-meta-mtime
1568718489
cnt7vfDVvWa3.js
wccftech.com/
1 KB
960 B
Script
General
Full URL
https://wccftech.com/cnt7vfDVvWa3.js?ts=58820
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.128.251.148.clients.your-server.de
Software
nginx /
Resource Hash
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Tue, 12 May 2020 14:50:36 GMT
server
nginx
etag
W/"5ebab7bc-5c4"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
x-presslabs-stats
desktop
x-request-id
6f3683f3e5a58b1f3a23a63e182be01e
expires
Thu, 01 Jan 1970 00:00:01 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4019
date
Thu, 11 Jun 2020 02:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 04:39:38 GMT
cmp.js
quantcast.mgr.consensu.org/
255 KB
70 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:37:13 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 22:22:19 GMT
server
AmazonS3
age
1152
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
07pGq9a9Npy8rkWK3UgdnaGEegsnn9xFxV4ZDdvUxV931v37yAK0_A==
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
apstag.js
c.amazon-adsystem.com/aax2/
101 KB
26 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
Server /
Resource Hash
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:38:29 GMT
content-encoding
gzip
server
Server
age
488
etag
06fa05e9082ab6150f8e415571b3ff6a
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Fem6AGQfp6XDF__UyPSSQh9USVJgBnBCGxEewVy1cByhZFqnwuFGsA==
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwccftech.com%2F&domain=wccftech.com&cw=1
  • https://mug.criteo.com/sid?cpp=yoxA0HxoSTgzVnJGVFYzN2FzY29ETDFmazNJYk5ZaVBoUi9ORkcyUmcyYWVvOCtaaW1HOUFRR3NiVHE0TzMzSWNNMWg2R0VleG9OVkxrbHF0cTlPUkg1T1dZcm4xMEVnRkoyMlp6cXMvTUhDbVdudEl3M2JlbGVRL1Jhd3...
382 B
633 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=yoxA0HxoSTgzVnJGVFYzN2FzY29ETDFmazNJYk5ZaVBoUi9ORkcyUmcyYWVvOCtaaW1HOUFRR3NiVHE0TzMzSWNNMWg2R0VleG9OVkxrbHF0cTlPUkg1T1dZcm4xMEVnRkoyMlp6cXMvTUhDbVdudEl3M2JlbGVRL1Jhd3lQSW5Wd3NLZmovZzQ3cHI3OHJGM3E1eU45WmZDNWZpOTZHRkFQK1BMUHJqdlpDSW5IUWhGSjhIVUtZWTlKTlBHczdDQm1saWlkWEdKam5aejQ1QWx4OXQ2bHJ6TnNCSjNPdUh4NDVZQ3dXYmF4N2w2UHM4PXw&cppv=2
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
71b0eb5c99ee8901f1f040d51d3fe194bd0d505d41cfbba3105a5a187d2e6c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 11 Jun 2020 03:46:37 GMT
status
200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
382
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
status
302
date
Thu, 11 Jun 2020 03:46:36 GMT
location
https://mug.criteo.com/sid?cpp=yoxA0HxoSTgzVnJGVFYzN2FzY29ETDFmazNJYk5ZaVBoUi9ORkcyUmcyYWVvOCtaaW1HOUFRR3NiVHE0TzMzSWNNMWg2R0VleG9OVkxrbHF0cTlPUkg1T1dZcm4xMEVnRkoyMlp6cXMvTUhDbVdudEl3M2JlbGVRL1Jhd3lQSW5Wd3NLZmovZzQ3cHI3OHJGM3E1eU45WmZDNWZpOTZHRkFQK1BMUHJqdlpDSW5IUWhGSjhIVUtZWTlKTlBHczdDQm1saWlkWEdKam5aejQ1QWx4OXQ2bHJ6TnNCSjNPdUh4NDVZQ3dXYmF4N2w2UHM4PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
482
expires
0
arj
pubgalaxy-d.openx.net/w/1.0/
174 B
557 B
XHR
General
Full URL
https://pubgalaxy-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=299feb7d-6341-425f-af03-2e2b123af924%2C28a7424f-94cc-4d96-894c-ce9508c29296%2C1aa23bcb-f0c5-446c-810a-dd39c94c9f12%2C62c6e7c6-c812-42dd-9de9-5b82b6798057%2Ca0de4d42-bf36-4a33-878e-b601e78b92f3%2C53181cc6-24c3-4050-a91c-87cc7e7bde02%2Cc71696f7-8200-4901-b12d-1b2ed6125a8e%2C35c78061-6d81-4fbd-88db-1a212115a8d1%2Cc3e2650a-d1ad-4227-809d-c71b44721bcc%2Cb7e2cb6d-2769-484b-9009-f52e1ce90bb2%2C246c09ab-a7c4-4617-b725-cc42a360916a%2Cf7f1fc7a-8dd6-4b61-a74d-7d614ed1cbff%2C077c756b-3a3b-440c-be4e-3c6f9a1b8c00%2Ca89c541e-9a1e-4ce8-9525-895e8b32cdb9%2C598e8778-08a4-4857-b4a9-546edb1271f7%2C8be4c047-e0e5-4bfd-be29-52f3ccd9336a%2C160cc912-4a90-432f-8f57-c775f211541f%2Ccc6b6f68-2dd2-41a8-8c71-16841193765f%2Cc061f8e3-41c5-4d29-bab8-a1723e6fe949%2C478469d2-ad51-4f25-894d-ab42eb9da15a%2C843e9b97-a75c-49ea-9072-e680834b867a%2Cca1bfb2d-5f72-4751-841f-67a540ab2b57&nocache=1591847197065&pubcid=9a7d8a92-5f27-47aa-8be7-23a7869761eb&schain=1.0%2C1!pubgalaxy.com%2C8%2C1%2C%2C%2C&aus=300x250%7C160x600%7C300x600%7C300x250%7C300x250%7C300x250%7C300x250%7C300x600%7C300x250%7C300x250%7C160x600%7C728x90%7C728x90%7C300x250%7C300x250%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C300x600&divIds=div-gpt-ad-1505739856306-0%2Cdiv-gpt-ad-wccftechcom37090%2Cdiv-gpt-ad-1454066633851-7%2Cdiv-gpt-ad-1542786791221-0%2Cdiv-gpt-ad-1454066633851-3%2Cdiv-gpt-ad-1542786718467-0%2Cdiv-gpt-ad-1454066633851-2%2Cdiv-gpt-ad-wccftechcom35856%2Cdiv-gpt-ad-1542786640284-0%2Cdiv-gpt-ad-1542789714915-0%2Cdiv-gpt-ad-wccftechcom37089%2Cdiv-gpt-ad-1454066633851-0%2Cdiv-gpt-ad-1454066633851-1%2Cdiv-gpt-ad-1505739390391-0%2Cdiv-gpt-ad-1505739347640-0%2Cdiv-gpt-ad-1505739462410-0%2Cdiv-gpt-ad-1505739517855-0%2Cdiv-gpt-ad-1505739626811-0%2Cdiv-gpt-ad-1505739590046-0%2Cdiv-gpt-ad-1505739548372-0%2Cdiv-gpt-ad-1454066633851-6%2Cdiv-gpt-ad-wccftechcom35855&auid=540285217%2C541038286%2C540265560%2C540285220%2C540265571%2C540285222%2C540265568%2C540845435%2C540475986%2C540475976%2C541038285%2C540265563%2C540265566%2C540265562%2C540265561%2C540265565%2C540265567%2C540265559%2C540265571%2C540265569%2C540265564%2C540845918&aumfs=200%2C10%2C200%2C200%2C200%2C200%2C200%2C10%2C10%2C10%2C10%2C200%2C200%2C200%2C200%2C200%2C200%2C200%2C200%2C200%2C200%2C10&
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.188.0 /
Resource Hash
1eb29ea88ac410c1cf329af83a91d2453b9d9e1f5371eff2f20cdaa379388e43

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
server
OXGW/16.188.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://wccftech.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.78 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:37 GMT
x-smrt-d
4%3b8%3b39
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://wccftech.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json
content-length
0
trinity.json
apex.go.sonobi.com/
95 B
698 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2227b17dd3e432f87%22%3A%22e9a8c9a8a02205ffc5e5%7C300x250%22%7D&ref=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&s=d231d0ff-bccb-4ac7-a8c6-0330d507f0bb&pv=003291c4-2cb7-43f2-9489-19456cdf667b&vp=desktop&lib_name=prebid&lib_v=3.14.0&us=5&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22sid%22%3A%228%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%229a7d8a92-5f27-47aa-8be7-23a7869761eb%22%7D&
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
bee86007469e3b5172f2a232741c097f91e84646cb71e18eddd98580b7463763
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
110
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/
47 B
724 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.14.0
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
eaf2af2ebcac36dd63d24e607ba06f2644e48894e2e74b3d4f74858a384cceeb

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wccftech.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
prebid
ib.adnxs.com/ut/v3/
256 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
3cadc485b9c29303ed57dfb909a3e4acecece8704b3aaca8d22dcc57260ef111
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:39 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.5:80
AN-X-Request-Uuid
4d881572-e8cf-4bcb-9bc5-fedede6f916b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1661446&size_id=9&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=28a7424f-94cc-4d96-894c-ce9508c29296&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.276125759756531
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
459bf4c8e9463bb1488cdd3722c1cfda327d24386e2c23b629eb54bb8681f590

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=236
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028984&size_id=10&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=1aa23bcb-f0c5-446c-810a-dd39c94c9f12&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.342849030243646
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
aa15937822be183f506f72f8dcbe9ac3fae76a568bd3e90a587ea040c226ceaf

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=450
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028976&size_id=15&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=a0de4d42-bf36-4a33-878e-b601e78b92f3&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.9665089725057274
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
b5d557e67b740512e3c68e02d79526f1d7b05aa738450eae084a38db1ef8beaf

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=478
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028972&size_id=15&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=c71696f7-8200-4901-b12d-1b2ed6125a8e&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.3781047763240799
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
b291c3f636f6239c0337b11ce21c7f69ca8858dad82c6403f051b85399ae210f

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=431
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1406702&size_id=10&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=35c78061-6d81-4fbd-88db-1a212115a8d1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.34010037813051497
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
1ab5373bb8b6a623f8f95c53297b7aa5b59c91a3b7781e30f5205ece928652d4

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=481
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1661444&size_id=9&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=246c09ab-a7c4-4617-b725-cc42a360916a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9146867831938881
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
46c9ef7f7c5ddd89e7f67f0816a333af66a151d056f6e4f7d716ddd107589961

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=368
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028986&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=f7f1fc7a-8dd6-4b61-a74d-7d614ed1cbff&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.7995341353055385
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f41029cf587197803d0aec6437264abf98ead3769797ef4f1a87677c36637eb1

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028988&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=077c756b-3a3b-440c-be4e-3c6f9a1b8c00&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.45903424314379415
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b3ebbbe85b5d4f669e77027e042e5e8f57044c52a1ff8600b20f5c12a55092b7

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028992&size_id=15&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=a89c541e-9a1e-4ce8-9525-895e8b32cdb9&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.1945247095445939
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
46f26760a3f1c3dd2655e9fa62fcaf057c9cc96cf41c96c4132bb6fcbc2fbbcf

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1028998&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=160cc912-4a90-432f-8f57-c775f211541f&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.34097553185180884
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
08605dde0f0c8b2b266cb546c7ef8b6c12040db8924bfb4612a0fd39e482f922

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1029004&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=cc6b6f68-2dd2-41a8-8c71-16841193765f&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.5065123919276548
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cf21bd1a81e1b035cd81e049532efab8247817310f3219c87ecdb212abe3f0ab

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1029002&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=c061f8e3-41c5-4d29-bab8-a1723e6fe949&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.20079647262157208
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7069e9fb020f31adeca9977f0d2b9fc3e9c8485ece27ed5c926fdab0341c418a

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=499
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1029000&size_id=2&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=478469d2-ad51-4f25-894d-ab42eb9da15a&p_screen_res=1600x1200&rp_floor=0.2&rp_secure=1&slots=1&rand=0.8490583205531672
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c4a50fd25a631d8f7a82c275f2d4e33a021aa54352d1839bd11bfbc2fddf8061

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
241 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18630&site_id=208842&zone_id=1407364&size_id=10&rp_schain=1.0,1!pubgalaxy.com,8,1,,,&rf=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&tk_flint=pbjs_lite_v3.14.0&x_source.tid=ca1bfb2d-5f72-4751-841f-67a540ab2b57&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.22410962888498576
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6ec26bc7f406efd6544ed1ee5eb108d7c8f449edd950d1c8f79875e15b6eda7e

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Thu, 11 Jun 2020 03:46:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://wccftech.com
cygnus
as-sec.casalemedia.com/
25 B
986 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=489598&v=7.2&r=%7B%22id%22%3A%2262efee89e8bdbff%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22639198a61d22c43%22%2C%22ext%22%3A%7B%22siteID%22%3A%22489598%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2264c75a437258a73%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236179%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22654668f821546c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236197%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226650aa37a33198f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236196%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2267c1e585ae4e82b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22405083%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2268496ce1b046365%22%2C%22ext%22%3A%7B%22siteID%22%3A%22336192%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22699676f43dffa8e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22336191%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227082afa2bb6bb13%22%2C%22ext%22%3A%7B%22siteID%22%3A%22489597%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22717db2d6d2d7143%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236175%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227227bd3db1406c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236176%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22732c1fc6ec2001%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236190%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2274a1a0115405dfa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236193%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227566c1efd6fcfd3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236192%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22767a067b7acfcca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22236191%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22778834b929e647f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22405188%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pubgalaxy.com%22%2C%22sid%22%3A%228%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88e2981a75a7313ee4d962fcd1949f06d4ea5b8452dff9354ed5b1fafa857728

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://wccftech.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Thu, 11 Jun 2020 03:46:37 GMT
fbevents.js
connect.facebook.net/en_US/
131 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
0EdFfUElF3LBgSKMEkYTb5EMdh8a+Ye0CwMZwaPOf0KN4glbOXHdKC9oAfrrAQMlY2LC8kc2q4Fo7jCQSmwrvQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Thu, 11 Jun 2020 03:46:37 GMT, Thu, 11 Jun 2020 03:46:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
wccftech-logo.png
cdn.wccftech.com/files/
2 KB
2 KB
Image
General
Full URL
https://cdn.wccftech.com/files/wccftech-logo.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
098b2db1c7c0d5d86b829d845136435d1c9754c2153657557570ea32f6d231b4

Request headers

Referer
https://cdn.wccftech.com/wp-content/themes/wccf2016/style.css?ver=1591242909
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-84c"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
78a2dec675da70e468a4cb98e42dc9d5
expires
Thu, 31 Dec 2037 23:55:55 GMT
search@2x.png
cdn.wccftech.com/files/
368 B
643 B
Image
General
Full URL
https://cdn.wccftech.com/files/search@2x.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
ed9be3ffe9eae79546e1fd2b98558739f75c814778bfbf04442ab618615b5c47

Request headers

Referer
https://cdn.wccftech.com/wp-content/themes/wccf2016/style.css?ver=1591242909
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
"5ed8709d-170"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
368
x-request-id
78a2dec675da70e468a4cb98e42dc9d5
expires
Thu, 31 Dec 2037 23:55:55 GMT
va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jLazX3dA.woff2
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,500|Open+Sans:400,700
Origin
https://wccftech.com

Response headers

date
Wed, 10 Jun 2020 04:21:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:53 GMT
server
sffe
age
84297
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15212
x-xss-protection
0
expires
Thu, 10 Jun 2021 04:21:40 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,500|Open+Sans:400,700
Origin
https://wccftech.com

Response headers

date
Wed, 10 Jun 2020 04:27:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:40 GMT
server
sffe
age
83967
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15448
x-xss-protection
0
expires
Thu, 10 Jun 2021 04:27:10 GMT
icomoon10.ttf
cdn.wccftech.com/fonts/
4 KB
5 KB
Font
General
Full URL
https://cdn.wccftech.com/fonts/icomoon10.ttf
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
724c1820cefddc2e026ee1c3baf8903ac8a517bbc486dbcc8976b9ae176449cd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Origin
https://wccftech.com

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
status
200
content-length
4432
x-request-id
ca267c4f8e87345d75a8c0f3f17fa649
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
"5ed8709d-1150"
x-presslabs-cache
HIT
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://wccftech.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Fira+Sans:400,500|Open+Sans:400,700
Origin
https://wccftech.com

Response headers

date
Fri, 22 May 2020 20:44:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1666944
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 22 May 2021 20:44:13 GMT
embed.js
wccftech.disqus.com/
66 KB
22 KB
Script
General
Full URL
https://wccftech.disqus.com/embed.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
06a87bc7a6cd456c39eb8dc4dc9cad3f9c508f503e5d00bd37505629a0876fea
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:37 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
22117
integrator.js
adservice.google.de/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wccftech.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wccftech.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020060103.js
securepubads.g.doubleclick.net/gpt/
246 KB
88 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 01 Jun 2020 18:46:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90085
x-xss-protection
0
expires
Thu, 11 Jun 2020 03:46:37 GMT
org
mrb.upapi.net/
2 KB
1 KB
Script
General
Full URL
https://mrb.upapi.net/org?o=5184339635601408&upapi=true
Requested by
Host: pubgalaxy-com.videoplayerhub.com
URL: https://pubgalaxy-com.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3336905ba8f2233efb48c3fd4a4bd1f682afed0a4399c8998a1d32c8d7f2d8e

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 google
cf-cache-status
HIT
age
1787
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400
cf-request-id
034315b3a70000640dc799c200000001
server
cloudflare
etag
W/"5b507699e8d9fc1c5f97f8a538655a86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
5a1858990f1c640d-FRA
post-thumb.png
cdn.wccftech.com/images/
1 KB
2 KB
Image
General
Full URL
https://cdn.wccftech.com/images/post-thumb.png
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
2213a2eace5f9bb66a83e282f9955f18ffdf8a7c4cf5b4fcab1afb682c02eb77

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Fri, 12 May 2017 09:52:33 GMT
server
nginx
etag
W/"591585e1-5f6"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
c973ae52f80431dca754c158360f55a1
expires
Thu, 31 Dec 2037 23:55:55 GMT
wccftech-logo-w.png
cdn.wccftech.com/files/
2 KB
2 KB
Image
General
Full URL
https://cdn.wccftech.com/files/wccftech-logo-w.png
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
d455c5b5be75f97d7855e2cd4648bbfc378cb7726c6aeeb66a3ae0e124d8cdf9

Request headers

Referer
https://cdn.wccftech.com/wp-content/themes/wccf2016/style.css?ver=1591242909
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-8d0"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
317c5dd60dca98477b8272c25b923c1d
expires
Thu, 31 Dec 2037 23:55:55 GMT
search-close@2x.png
cdn.wccftech.com/files/
307 B
583 B
Image
General
Full URL
https://cdn.wccftech.com/files/search-close@2x.png
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
8d6b682627316bb22e2ce8378f998737edd6ed8b6c4f45413fa39f397b60a163

Request headers

Referer
https://cdn.wccftech.com/wp-content/themes/wccf2016/style.css?ver=1591242909
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
"5ed8709d-133"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
accept-ranges
bytes
x-cache-groups
assets
content-length
307
x-request-id
317c5dd60dca98477b8272c25b923c1d
expires
Thu, 31 Dec 2037 23:55:55 GMT
font
fonts.gstatic.com/l/
2 KB
2 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=rnCu-xZa_krGokauCeNq1wWyafaPWnIIOKdy6auGslE5FsQUTWAGXG3a&skey=1cce8e1adc5342b&v=v4
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fba340c6314de4aa9ebc5e48e2af7e0eb55506632ce04687fad81655b8752fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css2?family=DM+Serif+Text&display=swap&text=GET%20A%20DAILY%20DIGEST%20OF%20LATEST%20TECHNOLOGY%20NEWS
Origin
https://wccftech.com

Response headers

date
Wed, 10 Jun 2020 20:47:00 GMT
x-content-type-options
nosniff
age
25177
status
200
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2192
x-xss-protection
0
last-modified
Tue, 19 Nov 2019 22:38:46 GMT
server
ESF
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 11 Jun 2020 20:47:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01EAGQS7087ATPYVF23MSBQ6QP&persistence=1&checksum=67211e547e8d77413dc671393c60253bd562dbe65b2458c82e0b527cd45f3793
183 B
496 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01EAGQS7087ATPYVF23MSBQ6QP&persistence=1&checksum=67211e547e8d77413dc671393c60253bd562dbe65b2458c82e0b527cd45f3793
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
36635da2181832c45ab3139bf0abe888a3cc9dd82aa13d2ffd20c6817dc1a8ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
https://r.skimresources.com/api/?xguid=01EAGQS7087ATPYVF23MSBQ6QP&persistence=1&checksum=67211e547e8d77413dc671393c60253bd562dbe65b2458c82e0b527cd45f3793
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
text/html
alt-svc
clear
content-length
193
robots.txt
t.skimresources.com/api/v2/ Frame 0898
0
102 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.1248466226936833
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
206
date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
244 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=2.106346279592321
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
px.gif
p.skimresources.com/
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=2.106346279592321
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
sdk.js
api.traq.li/public/sdk/v04/
38 KB
12 KB
Script
General
Full URL
https://api.traq.li/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96725b06253823ea61d79ddba3108d33a4f59c3b5154e695833d4036a7ef23d

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:37 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
144
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-traqli-node
1
cf-request-id
034315b410000005cc50387200000001
last-modified
Tue, 02 Jun 2020 09:56:31 GMT
server
cloudflare
etag
W/"180d1-17274760541"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api.traq.li
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
5a185899ba4605cc-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Thu, 11 Jun 2020 04:14:13 GMT
getad
aax-us-east.amazon-adsystem.com/x/
20 KB
7 KB
Script
General
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-54373194-91c7-4e61-b9a0-12cad6711106%22%2C%22tracking_id%22%3A%22wccftech0a9-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22NL%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22wccftech0a9-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=54373194-91c7-4e61-b9a0-12cad6711106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.141.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5c1476ae8bb745d2f600abd7d6263f0b8f3bd4acb6b0e31345e11d17742f85ac

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:38 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Server
Connection
keep-alive
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
t
jadserve.postrelease.com/
1 KB
1 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ntv_med=1&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-148-243.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5a9ae5c1760f19f103a43825fa9fb5d4be966e6bc63509e3aa34810be08c105c

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
634
expires
Mon, 1 Jan 1990 12:00:00 GMT
geocc.js
g.pcmag.com/
184 B
265 B
Script
General
Full URL
https://g.pcmag.com/geocc.js
Requested by
Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/wccftech.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.231.145 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13e524226cb57622366c08ba4ba0e590e012c76f994cd1167cb2d646cfb537a8

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 03:46:38 GMT
content-length
184
content-type
application/javascript
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/wccftech.com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Fri, 12 Jun 2020 03:46:38 GMT
z0WVjCBSEeGLoxIxOQVEwQ.min.js
cdn.static.zdbb.net/eu/js/
Redirect Chain
  • https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
  • https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
79 KB
23 KB
Script
General
Full URL
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.224.209 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5eb20011be76794550282c2735d02cae14d625e025370cd627f76a428d53d23

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
DKScu4Oj3AtG3AiAy8gMXfLnnw0KUWYl
content-encoding
gzip
last-modified
Thu, 21 May 2020 06:25:12 GMT
x-amz-request-id
81C2C318F745EA91
date
Thu, 11 Jun 2020 03:46:41 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
23157
x-amz-id-2
IgDgfKKZlMmzkb1pXNoxrd9Ui991S9Nu7ImLsA62aoOZUcMsybrY2XPXCtul9DzpfWL67ST/WKw=
expires
Thu, 11 Jun 2020 04:46:41 GMT

Redirect headers

status
303
date
Thu, 11 Jun 2020 03:46:41 GMT
cache-control
max-age=3600
core-eu
Yes
content-length
0
location
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
expires
Thu, 11 Jun 2020 04:46:41 GMT
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-us.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:3200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Atg2BNoq_w9GuxA03gYewv2lTFbMKFkY
content-encoding
gzip
last-modified
Mon, 04 May 2020 13:03:46 GMT
server
AmazonS3
age
83855
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Wed, 10 Jun 2020 04:29:04 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
OkV3Qn51DqLRrxRenUEzD-5rxnVF6i1OxE5pUsaJTwGs2GA2-I8gaQ==
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)

Redirect headers

status
301
date
Thu, 11 Jun 2020 03:46:39 GMT
server
awselb/2.0
content-length
150
location
https://cdn-gl.imrworldwide.com:443/v60.js
content-type
text/html
nsgpt.jsonp
ns.zdbb.net/
406 B
525 B
Script
General
Full URL
https://ns.zdbb.net/nsgpt.jsonp?u=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F
Requested by
Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/wccftech.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.231.145 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-231-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20771dcfdb184e0554b5d7e8e997114d44ec4e3d491fec3b4fe2dd2140cbb4f6

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://wccftech.com
cache-control
max-age=54
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
266
expires
Thu, 11 Jun 2020 03:47:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
44 KB
15 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/wccftech.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
0a6ac53afb044518ae02aaccf12cfcd5d8ef3cb4f43fafb80c6b389e91cad05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"539 / 249 of 1000 / last-modified: 1591819533"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14691
x-xss-protection
0
expires
Thu, 11 Jun 2020 03:46:38 GMT
/
gurgle.zdbb.net/
43 B
249 B
Image
General
Full URL
https://gurgle.zdbb.net/?domain=netshelter.net
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.225.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-225-201.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
status
200
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
43
count-data.js
wccftech.disqus.com/
565 B
1 KB
Script
General
Full URL
https://wccftech.disqus.com/count-data.js?1=762411%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D762411&1=799859%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D799859&1=835135%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D835135&1=880253%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D880253&1=888417%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D888417
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a40cb4a686ad6a3406309564a4c070c7966ae4f105d861d2aa5df75fcf926d37
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
1089
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
565
X-XSS-Protection
1; mode=block
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=791069950&t=pageview&_s=1&dl=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ul=en-us&de=UTF-8&dt=Microsoft%2C%20FBI%20%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_gid=1120779103.1591847198&gjid=1553890694&_v=j82&z=513130348
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348&slf_rd=1&random=1300288036
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348&slf_rd=1&random=1300288036
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3244067-1&cid=316466064.1591847198&jid=818063027&_v=j82&z=513130348&slf_rd=1&random=1300288036
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=791069950&t=pageview&_s=1&dl=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ul=en-us&de=UTF-8&dt=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=885067185&gjid=1448530043&cid=316466064.1591847198&tid=UA-56641839-20&_gid=1120779103.1591847198&_r=1&z=13878001
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1503230403325633
connect.facebook.net/signals/config/
517 KB
129 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1503230403325633?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03d:1c:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
459f8ac1f0c7b7bbf002e9608b5b7b2fac840e9ed60f75987be8b70b5e78b52b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131701
x-xss-protection
0
pragma
public
x-fb-debug
KkS4+sp6crITnHH/LFCDYe/yAjLJp/iiYUKfaT9qXWNR6WSbiW6/KW8pcjAoI7gPUDJNQLULiiiUU5zcjGKSWw==
x-fb-trip-id
1512268381
x-frame-options
DENY
date
Thu, 11 Jun 2020 03:46:38 GMT, Thu, 11 Jun 2020 03:46:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v34/ Frame D5A2
0
0
Document
General
Full URL
https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v34/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/

Response headers

status
200
content-type
text/html
content-length
645
last-modified
Thu, 28 May 2020 22:22:14 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Thu, 11 Jun 2020 03:34:11 GMT
etag
"55b98270d639ef0c34781d9f03cce91f"
x-cache
Hit from cloudfront
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
CWm7HwPeZ-Pgf8K4E6zoLrkYgoLPatAc7-1AtzMu2ffSmcC5I7rXFw==
age
1607
lounge.5c5dad4ae74bbb3422efd01116dc45e6.css
c.disquscdn.com/next/embed/styles/
0
22 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.5c5dad4ae74bbb3422efd01116dc45e6.css
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1155378
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
22038
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Thu, 28 May 2020 18:36:12 GMT
server
cloudflare
etag
"5ed0049c-5616"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
034315b5f10000176e1c986200000001
accept-ranges
bytes
cf-ray
5a18589cbd54176e-FRA
expires
Fri, 28 May 2021 18:50:18 GMT
common.bundle.7d87bb8040158de8c0a9cf48216dcb06.js
c.disquscdn.com/next/embed/
0
89 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.7d87bb8040158de8c0a9cf48216dcb06.js
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
710747
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
90422
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Tue, 02 Jun 2020 18:28:19 GMT
server
cloudflare
etag
"5ed69a43-16136"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
034315b5f20000176e1c987200000001
accept-ranges
bytes
cf-ray
5a18589cbd55176e-FRA
expires
Wed, 02 Jun 2021 22:20:51 GMT
lounge.bundle.907072d563117313785716c7fb3237d9.js
c.disquscdn.com/next/embed/
0
109 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.907072d563117313785716c7fb3237d9.js
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
461498
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
111190
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Thu, 28 May 2020 18:36:11 GMT
server
cloudflare
etag
"5ed0049b-1b256"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-request-id
034315b5f20000176e1c988200000001
accept-ranges
bytes
cf-ray
5a18589cbd56176e-FRA
expires
Fri, 28 May 2021 18:50:18 GMT
config.js
disqus.com/next/
0
6 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:38 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
33
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
5849
X-XSS-Protection
1; mode=block
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 15:30:05 GMT
content-encoding
gzip
vary
Origin
age
44194
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Sat, 06 Jun 2020 15:26:41 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Ee5azIQ0hk7ywiyegTUB5m9JXPW73pX6gmEwIFhzUP1ZVZ1QJ-7pjg==
code
mrb.upapi.net/
668 KB
214 KB
Script
General
Full URL
https://mrb.upapi.net/code?w=5754194498682880&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/org?o=5184339635601408&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:91b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb2aa89f6019fd3dd7f3690c99ae355c8c5b69cfdfa3cec07ceefcee59b293b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 google
cf-cache-status
HIT
age
1741
status
200
content-encoding
br
alt-svc
h3-27=":443"; ma=86400
cf-request-id
034315b5ec0000640dc79a1200000001
server
cloudflare
etag
W/"fbb1397537576dd9570f3ae706c4564f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
cf-ray
5a18589cafc5640d-FRA
83
api.traq.li/publisher/fusion/lucid/data/
464 B
584 B
XHR
General
Full URL
https://api.traq.li/publisher/fusion/lucid/data/83?email=&visitor=&stored_visitor=&tqid=
Requested by
Host: cdn.wccftech.com
URL: https://cdn.wccftech.com/wp-content/themes/wccf2016/script.js?ver=1591242909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a499a155cc9b5c460650f7aa7adbe293d1c615c214bcd99a8eb940981fb9d40b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-traqli-node
1
cf-request-id
034315b8ad000005cc503c3200000001
server
cloudflare
etag
W/"1d0-9kiSxRF6V1DEQFwABfbf5t9AJ8o"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
cf-ray
5a1858a11d1405cc-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
pub
pixel.adsafeprotected.com/services/
1 KB
1 KB
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:nsgpt-oop-footer,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-stitials,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-inpage,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-skin,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-inline,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-masthead,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&slot=%7Bid:nsgpt-oop-native,s:1.1,p:/4585/ns.wccftech/general,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=6ca0095d-3676-7c0c-35fd-4eb72701feb4&url=https%253A%252F%252Fwccftech.com%252Fmicrosoft-fbi-shut-andromeda-botnet%252F
Requested by
Host: cdn.nsstatic.com
URL: https://cdn.nsstatic.com/ns/wccftech.com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.157.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-157-39.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5dc917ab496c27280b16415e26bf3bab653225969054258bfeceae2fb0f525e1

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
x-server-name
app11.ie.303net.net
status
200
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://wccftech.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
cmpui-popup.js
static.quantcast.mgr.consensu.org/v34/
258 KB
69 KB
Script
General
Full URL
https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:4400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7a580835e59bad7481527ebaf08ca3a959177c48c63d60ef5cdb2e12e8f470e

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:44:39 GMT
content-encoding
gzip
last-modified
Thu, 28 May 2020 22:22:14 GMT
server
AmazonS3
age
193
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ta-sremh6Jqe7l2eRwdILKNCSkB_Iuyz8P-UZWdfQl2L4gNTxmDTlQ==
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
bid
c.amazon-adsystem.com/e/dtb/
23 B
368 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&pid=V8xmhnJ4Z5KW8&cb=0&ws=1600x1200&v=7.50.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37090.2_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.wccftech.com_desktop_300x600%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.wccftech.com_mobile_300x250_pl%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.Wccftech_300x250_BTF%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.wccftech.com_mobile_300x250mid%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.Wccftech_300x250_ATF%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.wccftech.com_mobile_300x250_atf%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12304.4_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.37089.2_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.Wccftech_728x90_ATF%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.Wccftech_728x90_BTF%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12297.4_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12296.4_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12298.4_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12299.3_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12302.3_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12301.3_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_12300.3_wccftech.com_tier1%22%7D%2C%7B%22sd%22%3A%2218%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8095840%2F4.wccftech.com_desktop_300x250_mc%22%7D%2C%7B%22sd%22%3A%2219%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F8095840%2F.2_A.35855.7_wccftech.com_tier1%22%7D%5D&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
IkPqG31MUEYYJzMg9uP_Xh5WJHaG70ZH4KWUS4McXEJRzhLFECFvwA==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=htt...
  • https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=ht...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&c9=&cs_ak_ss=1
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=8&c2=6036316&c3=1&ns__t=1591847198359&ns_c=UTF-8&cv=3.5&c8=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&c7=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
page
t.skimresources.com/api/v2/
22 B
337 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wccftech.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/
22 B
88 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://wccftech.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
iab
api.skimlinks.mgr.consensu.org/
772 B
938 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab?nocache=1591847198363
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/31026X886738.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
gunicorn/20.0.4 /
Resource Hash
3af1040f40683c251264df004d2ff25d93970cb1300258008256db650dd106fa

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 google
server
gunicorn/20.0.4
status
200
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
alt-svc
clear
content-length
772
/
disqus.com/embed/comments/ Frame B480
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=wccftech&t_i=794903%20http%3A%2F%2Fwccftech.com%2F%3Fp%3D794903&t_u=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&t_d=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&t_t=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&s_o=default
Requested by
Host: wccftech.disqus.com
URL: https://wccftech.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/

Response headers

Connection
keep-alive
Content-Length
3659
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Tue, 02 Jun 2020 23:38:51 GMT
ETag
W/"lounge:view:6330599745.0c608a6af6711c65955a3a3bc4428b4f.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Thu, 11 Jun 2020 03:46:38 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
/
www.facebook.com/tr/
44 B
260 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1503230403325633&ev=PageView&dl=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&rl=&if=false&ts=1591847198400&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591847198399.1756231336&it=1591847198076&coo=false&rqm=GET
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT, Thu, 11 Jun 2020 03:46:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Jun 2020 03:46:38 GMT
favicon.ico
ad.doubleclick.net/
1 KB
513 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 04:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84674
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 11 Jun 2020 04:15:24 GMT
px.gif
ad-delivery.net/
43 B
631 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.0654558991385239
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
2840
x-cache
Hit from cloudfront
status
200
content-type
image/gif
content-length
43
cf-request-id
034315b71f0000e00beb9b2200000001
last-modified
Thu, 27 Jul 2017 18:59:05 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
5a18589e997ce00b-FRA
x-amz-cf-id
83F5Uk2xfpYVdOHlTnZZL8Zam4oKODXSWmECvIjJHlsxNSnAteHcTg==
pixel.gif
load77.exelator.com/ Frame 0898
Redirect Chain
  • https://x.skimresources.com/?provider=exelate
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&
  • https://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
273 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.48 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-47.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:40 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-edge-ip
195.181.175.47
x-age
750267
accept-ranges
bytes
content-length
43

Redirect headers

date
Thu, 11 Jun 2020 03:46:40 GMT
server
nginx
x-powered-by
Undertow/1
status
302
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
aax-us-east.amazon-adsystem.com/x/px/Qv5juxmPewnsJxE9yD2TkPEAAAFyoXyeMgEAAAFKAbvmsVg/
43 B
245 B
Image
General
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/Qv5juxmPewnsJxE9yD2TkPEAAAFyoXyeMgEAAAFKAbvmsVg/?assoc_payload=%7B%22totalDocWidth%22%3A1600%2C%22totalDocHeight%22%3A5220%2C%22logType%22%3A%22onetag_pageload%22%2C%22pageTitle%22%3A%22Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet%22%2C%22numLinks%22%3A0%2C%22numAutoTaggedLinks%22%3A0%2C%22autoTaggingEnabled%22%3Afalse%2C%22geoRedirectEnabled%22%3Atrue%2C%22disableTransitTracking%22%3Afalse%2C%22numLinksATF%22%3A0%2C%22numLinksBTF%22%3A0%2C%22shortLinksInLivePool%22%3A%22%22%2C%22shortLinksInPage%22%3A%22%22%2C%22shortLinksInLivePoolCount%22%3A0%2C%22shortLinksInPageCount%22%3A0%2C%22shortLinksMatchCount%22%3A0%2C%22assocPayloadId%22%3A%22Qv5juxmPewnsJxE9yD2TkPEAAAFyoXyeMgEAAAFKAbvmsVg%22%2C%22linkCode%22%3A%22w49%22%2C%22trackingId%22%3A%22wccftech0a9-20%22%2C%22refUrl%22%3A%22https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F%22%7D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.141.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 11 Jun 2020 03:46:38 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
cm_:onejs_load_evt@v=1090,onejs_exec_time@v=5,aax_load_time@v=698,aax_load_time_one_tag@v=699,wdgt_load_time@v=1797,wdgt_load_time_NL@v=1797,wdgt_load_time_one_tag@v=1797,wdgt_load_time_invoke@v=70...
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/
0
146 B
Image
General
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1090,onejs_exec_time@v=5,aax_load_time@v=698,aax_load_time_one_tag@v=699,wdgt_load_time@v=1797,wdgt_load_time_NL@v=1797,wdgt_load_time_one_tag@v=1797,wdgt_load_time_invoke@v=707,wdgt_load_time_invoke_one_tag@v=704,wdgt_load_time_invoke_one_tag_NL@v=704?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=6bcc157c-9bd6-4e23-8563-0ecdd4920534&session=0e1a8871-eb83-47bc-b5d4-1bf7a2f9f5f1
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:39 GMT
x-amzn-RequestId
4d0e52e9-34ac-450f-af24-8ba02841a64c
Content-Type
text/plain
vendorlist.json
vendorlist.consensu.org/
97 KB
18 KB
XHR
General
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:ba00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbf81561c83bed63934df4870bfe8861e1c650f74867f54b56c753bbb817208d

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 16:11:43 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
560096
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 04 Jun 2020 16:01:32 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
sChpTtuwyDzMDlpJJPZesB71QJtZEoTO
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
content-type
application/json; charset=utf-8
x-amz-cf-id
7TNdXuhStUTPaR7PPRyA5ryd1n4Qb3xCVYg_WSqv_9jg6N3HJfuL7w==
CookieAccess
apis.quantcast.mgr.consensu.org/
18 B
263 B
XHR
General
Full URL
https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.217.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-217-48.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
server
awselb/2.0
status
200
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
18
trk.gif
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=251854&ntv_pl=1072571
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-148-243.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=a27cee14-8283-44d8-bc84-2a57d2a236b6&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=HqnhXgA&ntv_at=303,302&ntv_a=AAAAAAAAAAu10QA&ord=1591847198684&ntv_dpl=1028,1029,1001,1003,1005,1006,1007,1041,1011,1045,1016,1050,1018,1019,1022&ntv_it
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.148.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-148-243.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:38 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
ads-beacon.js
wccftech.com/
76 B
295 B
Script
General
Full URL
https://wccftech.com/ads-beacon.js?ts=8666
Requested by
Host: wccftech.com
URL: https://wccftech.com/cnt7vfDVvWa3.js?ts=58820
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.128.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.128.251.148.clients.your-server.de
Software
nginx /
Resource Hash
499721bc8b9008e6012b07c310c97ca23ae655da513893bf1c454fbabd5c0211

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:38 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
x-presslabs-stats
desktop
x-request-id
24d3c9b618f23df11fe812a8cf9d16a9
expires
Thu, 01 Jan 1970 00:00:01 GMT
pv
backend.upapi.net/
0
105 B
XHR
General
Full URL
https://backend.upapi.net/pv?pid=3ixjm1kn&br=chrome&sid=BGubbhDInU&w=5754194498682880&cv=bf82e66a-v2&r=false&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5754194498682880&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 03:46:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://wccftech.com
alt-svc
clear
content-length
0
via
1.1 google
/
www.facebook.com/tr/
0
80 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryuz4xhtIlxH5MyLh6

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 11 Jun 2020 03:46:38 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
/
p.skimresources.com/ Frame 0898
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343
  • https://p.skimresources.com/?provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343&skim_mapping=true
43 B
102 B
Image
General
Full URL
https://p.skimresources.com/?provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343&skim_mapping=true
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43

Redirect headers

date
Thu, 11 Jun 2020 03:46:39 GMT
via
1.1 google
server
TornadoServer/2.4.1
status
302
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://p.skimresources.com?provider_id=5fd1e335e8fdf0b6f1dd1c38709dd343&skim_mapping=true
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
ads
securepubads.g.doubleclick.net/gampad/
46 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C4.Wccftech_728x90_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199001&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=150&adks=1703312837&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x280&msz=1600x250&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6db09b8713da8417e6fc56c7aa0d5663158b8081855b84c078d91b862b87b235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11102
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d8103fb21d776cb7a874fb3c68381c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://4d8103fb21d776cb7a874fb3c68381c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
39 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C4.Wccftech_300x250_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199021&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=1050&adys=559&adks=4038910844&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x280&msz=300x-1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
446985e3f4d16f368f010cd7461820dec631794a53fbcc49bb97605f2255720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10264
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
40 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C4.wccftech.com_desktop_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199027&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=1050&adys=1657&adks=3837017743&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x630&msz=300x-1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9c482872445c864da94bad5ace510b7ac3670c31e49830736c920bd4a676033f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10288
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C.2_12459.46_wccftech.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199033&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=5409&adks=3146350544&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5410&msz=1x-1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
89fb76cd00f3c01233cac293656ae5debc20b6c7d284d69c85d4215eaa104bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2443
x-xss-protection
0
google-lineitem-id
5078843279
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271695387
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C.2_A.36872.46_wccftech.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&prev_scp=strnativekey%3DqoKbcfTTSm6jvzxj2XfPJwsR&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199039&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=620&adys=3854&adks=2540407767&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=740x1001&msz=740x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6f05a83ebb4a781650281794595443eb05cc5cce25da5d6ce986241322949196
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2425
x-xss-protection
0
google-lineitem-id
5321801207
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305568125
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=8095840%2C.2_A.37018.46_wccftech.com_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199043&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=620&adys=3324&adks=2154192928&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=740x1&msz=740x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=740&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1ab333ecb3ef59c03bd8f3b91ba354a2a754b4c81fe5a6cefbe6b153074b7b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2418
x-xss-protection
0
google-lineitem-id
5346569245
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308560761
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dfooter%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199048&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2672312160&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6419e473a8408242b49201c8bfbf2b31116ead7ddd8fe369a2f226a8899d0653
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1848
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970483
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dstitials%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199054&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2077452910&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b9fd4aebf92b3fcaccabb2b38e14c4c9a0eeab59b00625ca684fd2bffae38f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1865
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924674
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dinpage%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199058&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=114837067&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c33c5a16b17878851070e6fcf711b776dcfa0ec67efc145f79aec0cecedbccbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1841
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924653
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dskin%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199063&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2000914357&ucis=a&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
44c110b9bb44640e7485739286c8208a4204479b5a62f697eb3cd5ffc44a4fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1836
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dinline%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199066&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=3611749625&ucis=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
87e71034f0094f610d3cab193acd142a20bee189e45aae9b31a286fedd561a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1840
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924659
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dmasthead%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199071&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=4044377627&ucis=c&ifi=12&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
41058e6d31b6d9cc77ab0ecfdf28397f96e4b13cefdce8131004e3db6899263c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1958
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138257174434
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dnative%26rfr%3Dfalse%26OOF%3Dfalse&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199075&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=3510566951&ucis=d&ifi=13&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=56&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
082928d3ddb26cb1bc249c81f721b764d624e1cc300fc62c1fcc8f9c3e167c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924662
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
91
api.traq.li/tracker/lucid/visit/
65 B
302 B
XHR
General
Full URL
https://api.traq.li/tracker/lucid/visit/91?story_url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&visitor=2k5ans3isi3r1m5f
Requested by
Host: cdn.wccftech.com
URL: https://cdn.wccftech.com/wp-content/themes/wccf2016/script.js?ver=1591242909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005cc16db71f1102e421a2c8ae20881c3eaf52f152dc503951ec1b7dd31b193a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
vary
Accept-Encoding, X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-traqli-node
1
cf-request-id
034315ba26000005cc503d7200000001
server
cloudflare
etag
W/"41-xL45HHNmxJhfArqnoK4LhKgtbN8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
cf-ray
5a1858a3787705cc-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Content-Type,Cookie,Origin,Traqli-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&a=791069950&t=pageview&_s=1&dl=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&ul=en-us&de=UTF-8&dt=Microsoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=&gjid=&cid=316466064.1591847198&tid=UA-70100444-35&_gid=1120779103.1591847198&z=2051286984
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 May 2020 08:48:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1882699
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dfooter%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0223-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199138&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2672312160&ucis=e&ifi=14&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
95ada40bfc5d4e78b4c5e00d152326be204b4f5e0b0c58661937e7d701a1b51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1841
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138255991290
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dstitials%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0224-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199160&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2077452910&ucis=f&ifi=15&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
12b867c531f214d1e45961185edfdfc3553d3207e1c48bb79ccf79910d1567dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1721
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970537
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dinpage%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0225-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199164&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=114837067&ucis=g&ifi=16&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3231bc2f052fb20c581286899b6993c53eecfe6baefa71807ed48a04b8d9b69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1723
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970531
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dskin%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0226-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199168&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=2000914357&ucis=h&ifi=17&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fb6f3becd5ccb301b3912eb991c7e25dfd38d1c56c4590edcecce8309db0c85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1716
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924689
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dinline%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0227-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199172&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=3611749625&ucis=i&ifi=18&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
76e7081c080da7975a6e9e3b189b015889eeef8f164b8b6fe3b39edc24704215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1724
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970492
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dmasthead%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0228-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199176&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=4044377627&ucis=j&ifi=19&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
d7a633af3df203cdc8665871f1e5f5457c3d8611cb4810836ea294bf281bf421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1725
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256970447
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
3 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4259266700532626&correlator=2042022959376281&output=ldjh&impl=fif&adsid=NT&eid=21066386%2C21066256&vrg=2020060103&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200611&iu_parts=4585%2Cns.wccftech%2Cgeneral&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&rcs=1&ists=1&prev_scp=ad_group%3Dad_opt%26OOP_type%3Dnative%26rfr%3Dfalse%26OOF%3Dfalse%26id%3D279a0229-ab96-11ea-a5ef-024bf4a6d028%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40&eri=1&cust_params=page%3Dnews%26url%3D%252Fmicrosoft-fbi-shut-andromeda-botnet%252F%26ref%3D%26zcp%3D906c0f39fbf8574163194%26cpid%3Def73f84aee50703c4ffb54eccfa44bd4%26mop%3Dy%26gdpr%3D0%26amznslots%3D%26zdid%3Def73f84aee50703c4ffb54eccfa44bd4%26zc%3D996da366-f4b2-4634-8e67-8e1cbca19e80%26p%3D1100034%252C1100037%252C900111%252C6929%252C900115%252C6816%252C6817%252C900002%252C6819%252C6947%252C6821%252C900003%252C6823%252C6825%252C1100077%252C6833%252C6834%252C900018%252C6837%252C6845%252C1100095%252C6848%252C6850%252C900164%252C900041%252C900169%252C900049%252C6886%252C900200%252C6889%252C6894%26zdbb%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_2031_KW%252CIAS_62_KW%252CIAS_UNSCORED_PG&cookie_enabled=1&bc=31&abxe=1&lmt=1591804343&dt=1591847199180&dlt=1591847196808&idt=1390&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=1199&adks=3510566951&ucis=k&ifi=20&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&dssz=57&icsg=3332938661888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x5412&msz=1x1&ga_vid=316466064.1591847198&ga_sid=1591847199&ga_hid=791069950&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
481f0036417fb01173d98ad6708a17387f92ddfb1ed2e424d6e90c0fa168a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1715
x-xss-protection
0
google-lineitem-id
4910077359
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138256924677
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wccftech.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wccftech-logo-170x30.png
cdn.wccftech.com/
8 KB
8 KB
Image
General
Full URL
https://cdn.wccftech.com/wccftech-logo-170x30.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.98.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
edge.presslabs.net
Software
nginx /
Resource Hash
31046614b98ff4b0870e87c117221261220d37a504ce4bf1e4c2487ad1d35bde

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 03:55:09 GMT
server
nginx
etag
W/"5ed8709d-1efd"
x-presslabs-cache
HIT
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age = 315360000
x-cache-groups
assets
x-request-id
7a838a59fcd0791527d9425b8d719c87
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame 3854
202 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22421
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56265
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:32:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b3afaa85c48c2d0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:32:58 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 3854
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46079
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c581cea2ef0aefe"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 3854
97 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22418
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29929
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:33:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22e1efecde29c9e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:33:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 3854
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46088
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1719
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc4637e8702685f3"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:31 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 3854
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46092
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14997
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"de17760b9f621603"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:27 GMT
css
fonts.googleapis.com/ Frame 3854
5 KB
738 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 02:34:00 GMT
server
ESF
date
Thu, 11 Jun 2020 03:46:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Jun 2020 03:46:39 GMT
truncated
/ Frame 3854
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40802b18012d21efc49785fb8b8defab5bf92650667f3d3cc894d8cd4abfac6c

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012005262159000/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22174
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7224
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:37:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f6cfa2ba62463627"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:37:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3854
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59861
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3854
295 B
398 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73685
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3854
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFvZHH6nhXq6PA9Pf3wPQ-Ixow77y1FfMhMuI0Qm_6KK9wAEQASCIgL8UYJG0j4X4F6ABquXmvwPIAQGpAv_c2wbsELM-4AIAqAMByAMKqgTkAU_Q71QfcL9dB8i496WMHV29vX9wMOxj61eu_D8jfDYtJF4aPxS-IjXCSniAR1DBWTc2lOTlYbq2k4tgkzBcWtZdCCBgl9YjKLnGs7o_IfRmbjl58R6cr1s-PF9Q4DIEQCRLYkI5g2Mx2dOlRck-PS2kx4F7MxpvaIKyqmXrBr89hNCDmS4q-YAX3hRfuHmUBEE9J87FjEUtCGlevCgT3OnHKtcss2uy4FsgS5sExQir-hPZTjKmqkFJ_bw8fPG7Q6PD9jGQf89TgcsDVmwSLdOPox8daf5PlOoDFtvwZqLbS9OGIsAEpqqWsawC4AQBkgUECAQYAZIFBAgFGASAB76amUCoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ0Mcx0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi05ODYwMjQ3MTM4MDk0MTc3gAoDyAsB2BMCiBQC&sigh=9jSwhi0WBXE&tpd=AGWhJmvV4sQ5wM9O9UXDCI_ZkPpgp12IjnTbo9KR0drtqbcWtA
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

amp4ads-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame DCDD
202 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22421
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56265
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:32:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b3afaa85c48c2d0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:32:58 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame DCDD
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46079
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c581cea2ef0aefe"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame DCDD
97 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22418
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29929
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:33:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22e1efecde29c9e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:33:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame DCDD
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46088
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1719
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc4637e8702685f3"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:31 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame DCDD
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46092
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14997
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"de17760b9f621603"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DCDD
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59861
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DCDD
295 B
352 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73685
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
truncated
/ Frame DCDD
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d35acc22772454bdd4b0b2e6bf9a1e163fe7c68bad3d2ec8eabd25c319293efc

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
3473937056527559795
tpc.googlesyndication.com/simgad/ Frame DCDD
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3473937056527559795?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlq0QuE81uT4dHTTx112zZNRg0-2w
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a86c119bda8f4d1d296671a10599893ae222c757a48c547242710ba4c903483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 17:56:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 06:22:14 GMT
server
sffe
age
35397
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11223
x-xss-protection
0
expires
Thu, 10 Jun 2021 17:56:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DCDD
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChIeeH6nhXs-eEtHi3wPYqZbQA_Ki8f5cs4Sr5_8J9sOt040OEAEgiIC_FGCRtI-F-BegAcCU7_wDyAEC4AIAqAMByAMIqgTrAU_Q-4RduuM_TI1M4lYORBjvpW0FaSs2Dsj5_7Pe2pfw-ZLYs40T1etzykafUPaIEQXK99QDKFhn1_eut6r2KWvjcKgza4h_dtFg8EUIrzJSZEs9HqHVcq8Viws_xAAlDinG_f0Nhjg9emHKEuKHgq2_FDqXPlUWWBvsD1m5VNJeD_K9f7VlYEcFk0-kAGymftX-KBDzLd_8geA2IC1cT7RfPHPawBhh8CVAckY3b5J0T9V2RKe6Ei0zUnBt1s6otBZCgYkLo9VOH45sDEeBCgChDYly0LVA1HgfQFzZGNJSBPvPU-rYOAkHarXABKud_sT4AeAEAZIFBAgEGAGSBQQIBRgEoAYCgAeo65ADqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOP9DtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tOTg2MDI0NzEzODA5NDE3N4AKA8gLAdgTDA&sigh=FmO7aaC2hbc&tpd=AGWhJms86k7Z8YDQ4cZO-OlllNApqc42G6kfrn7dI_X-otH57g
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

truncated
/ Frame AA37
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4c1ad179af2d81c199d829d3954de9158810ba92eb7097f57ffdf3d35ba4339

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d233c1838084b7e804e0e7a887190eeeb356132b1f625c7fa96ed3efd61e8b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591788966119694"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27882
x-xss-protection
0
expires
Thu, 11 Jun 2020 03:46:39 GMT
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame AA37
0
0

view%3Fxai%3DAKAOjssHurOLf4StNj_qtTRcjeQ_Iu6CCDtOWx0MUmlgrJZ3vBCYyWImhfqkEIOPpNkxK1B-2GvGtKYWwdTZM8-C4cp70uxhabe7TrCzt9Uk3CRy1yHO5WSSypFHIWkUfQybVkDLotuk7TMutXZ42q6iZfaHD_WPqN80glCe4asCuwNQBRpF8Pns...
securepubads.g.doubleclick.net/pcs/ Frame AA37
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame E3D6
0
0

truncated
/ Frame E3D6
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f74b30a08aa447804cbab90fd60da5879e441e9b44b22da9aee9187b948e86f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjssSyyQVazHyKqpxlOayvdXaRC1ZosCdtW9w-1M7MsVMHy9lWCHRFsbMiP_s2tWHSmTYL1l-udJVIavxOHtsBz3Gv68k7yz83b5ScRkmlQkEC3-g2YxEHGTa1j1b5fKkb8fUomy1pphj1LbjaqJqU9HtiQTG3u_dEXvGAf6_OUC7Fjh0M4Ap...
securepubads.g.doubleclick.net/pcs/ Frame E3D6
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame B232
0
0

truncated
/ Frame B232
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9a103620c94bb2e6fb385f31f94a1a68d4b8cb02c133a068d7dc4d3b749766

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsvJyXlOvH9xz-N1Z1Qa0xXDTeePUGKvPwpN4k243eJhAInm-DxCeg40PPv2wPdL-TFftMkfzAXsq2xNOtiOB1qD0ePafWggKy3Fr8UA35e8tI8jg5yEVw7Jb9fax--iYGGXP0C7rjY70vTqZ0a33H2XGszjEnN91Q8TC6pBAPOn8Psgo25S...
securepubads.g.doubleclick.net/pcs/ Frame B232
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 1D22
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684781
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame 1D22
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dd081b756f78b91ede49dee75a7bc75c17e4058b831a9388821046b08a40083

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjssjF7DQHLS5KFIjp_Fxa-8nyU3h2psL-T44Z6LFOKg4V1loRH74jtPLAmgv8XtcymXNjCR_no2DyrsOvUB81NAZIUGBD2Lz7R8LAC7uXJd68hHCabkt-yRN-JuV3K4U_UuW58H3_jMsdBgpmvi5WP8OaCIMg4WUhcCQ7IML4M1yaE-HxkO6...
securepubads.g.doubleclick.net/pcs/ Frame 1D22
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 411B
0
0

truncated
/ Frame 411B
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca111d2b10d27e08e1852791a85aa63191b0c51da9ccd42dc227bd6dc07adf4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsuJC-fVJsQeDKbchq-sSu6xh5mkjuJ8lD9Y1rS3ftHTYWHS5SpYVf5OnSIS9iyBhRct4IFaydqWLHfZhnYwNv0eOw9na8uaqj7Ynta9kr4A7vuMK_mBKqxKn7T4gaVd4vS7zjKZM8EeJd-rmigqY_ozwes0wuyEUGN3lcOXeVq07ZltCYaH...
securepubads.g.doubleclick.net/pcs/ Frame 411B
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 7EEB
0
0

truncated
/ Frame 7EEB
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e4caaefe6e636e4d3e6b9950f4589681a9b691fd4f54e96eb5cfc914d325aca

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsuaiUKAlSqYpfQjUoobvNjI-lo-mwrmOk_goRQ8S7NYg8dYKoS7P81W7Kwnv2DwbIQIhMq3NilYP7AELve4PfbO_IwAFB9KBTKijm0RbyCFtEKJuF41dvcPfC4STDK5-Z94WWQ94agAwlmid4iTlPDoXRXsSbbxoVk_3HRVr_H20IShTCMY...
securepubads.g.doubleclick.net/pcs/ Frame 7EEB
0
0

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame D57B
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684781
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame D57B
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0aea393395a2ddccf05360c9f912521494e9f6840464d2c312028765ebbccc04

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjst4rOcVcEIjHpSWRS2qsxohTH95ZN9kawTC5rM2x9El4K9JNI2_guO-dQTfwgEo0T9Vscom2Do8vjUKC4tBtTM6O2wqgyl5EO_B5Y668s4gNdjtI_11UazFH3mrcj2Ap6SEfETzxcHiw6QeiK63KYmvVZV7FoTRafKfB3hmS07mkjD0thcw...
securepubads.g.doubleclick.net/pcs/ Frame D57B
0
56 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjst4rOcVcEIjHpSWRS2qsxohTH95ZN9kawTC5rM2x9El4K9JNI2_guO-dQTfwgEo0T9Vscom2Do8vjUKC4tBtTM6O2wqgyl5EO_B5Y668s4gNdjtI_11UazFH3mrcj2Ap6SEfETzxcHiw6QeiK63KYmvVZV7FoTRafKfB3hmS07mkjD0thcwSaTjTVHACAOyN6_Vi0eW9UjoLeh2iv7OLIok_279xRAkydIPJO9XLvXH69mLqTy09xCohH2oynkqS6BTrXXjMQ%26sai%3DAMfl-YSPrZEJZAG71zF0PqLUN4P6-6ESQHtFVJqL8MTLLSYWjK6EiIajPPTUsLBS_YdUBl9JK4R3ih5Ejni14ENJ7iTYlN5JbZmoMLSRfgqTYg%26sig%3DCg0ArKJSzOXQ0eT_nxKWEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 699C
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684781
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame 699C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5d9b19a76406ec4dabaa0cd78e52c7e7ae59fdf7bacb434c3640171c1024bb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsuqzmQd3-CULauKFdZnbgClNQZYUAo7DFND4WmuhwQP3M0ECrLc5lK811Azp3MBT0_IHX3_trgQxo3VCppgJE6MYJn_Xf_9YWLTyd1pykpuEJI5UtQBQmFmgw4HUZfLNsNEQjkuJuKcsf25r9-d88myC9qp8oUX5OvPMyYZNudPhCe1CBJa...
securepubads.g.doubleclick.net/pcs/ Frame 699C
0
47 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuqzmQd3-CULauKFdZnbgClNQZYUAo7DFND4WmuhwQP3M0ECrLc5lK811Azp3MBT0_IHX3_trgQxo3VCppgJE6MYJn_Xf_9YWLTyd1pykpuEJI5UtQBQmFmgw4HUZfLNsNEQjkuJuKcsf25r9-d88myC9qp8oUX5OvPMyYZNudPhCe1CBJajhTiTH2vWa7RmVBgbaLuNqThl37DiWajcCyU6AmULLf26NgINBwmSwg-MjW_yJkLlTJ1wy2Wrfcnx03204hg3w%26sai%3DAMfl-YRXGz7zrL1R0O5WgAhtoTxfsWZ8PvMb_mJ_7XyNygBC3_A0mygkIU7ZDv_w1EEQNPrDhMFhT5CL_fg79bdQrk80OzCg7wR_p0w0YV4YWg%26sig%3DCg0ArKJSzCs7Ow07DhMSEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame A116
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684781
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame A116
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345de54e9a54f40ecface810d1c0e557f1c97d3fa8d7ddae3de33bbee6797369

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/
0
216 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4259266700532626&r=1x1&w=1&h=1&a=0
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view%3Fxai%3DAKAOjsupHnXda0zwDUBE7ZLEzuwRJwy1huyp7ZAKM4FnECSK2OiSi2XREMfry9bZ9iBGLKdtNpIViHTHdQbfvO1QYM_d4WRjTEgjuUo-0Rh6WRD2Duxig7xSsxWKf00ZwiSLHkhhi-D6zdh4RXZCm0zCZhtRBS3CxPyIBtrye6lTTU2ynSYM1PM8...
securepubads.g.doubleclick.net/pcs/ Frame A116
0
56 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsupHnXda0zwDUBE7ZLEzuwRJwy1huyp7ZAKM4FnECSK2OiSi2XREMfry9bZ9iBGLKdtNpIViHTHdQbfvO1QYM_d4WRjTEgjuUo-0Rh6WRD2Duxig7xSsxWKf00ZwiSLHkhhi-D6zdh4RXZCm0zCZhtRBS3CxPyIBtrye6lTTU2ynSYM1PM8exwXO9sX8COczKdjBoGrwagCqqDcFRoj193KKOmXYoA_v_Iv68dlb7XgaoB6O53ZvbY_It3JlXd_w1LDCvx_bQ%26sig%3DCg0ArKJSzPxmg8koAzp5EAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:39 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3854
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://wccftech.com

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2231892
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 3854
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://wccftech.com

Response headers

date
Wed, 27 May 2020 04:01:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1295125
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 27 May 2021 04:01:14 GMT
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 678D
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684781
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame 678D
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54e079809f5a8840136fdd7f7f50fc5cdb4adefeee57a8bcc087c439652236a1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsvd_tj-yQ9ueAe0Vt0NwhxCWSexI0dWck7JEjwB4eL6W7qa-ogE03knoOUD-hCkFxFxak90tEd3tFUnE2DMkc67OntCYoV8_NY9Zi5JLyES_455bnXKxvlwZXC7lKbMlYNGihVlOkP8XRh7cJLrn9Zr5gD8ky04tvXuQX7eF2vqBAZEo0Kw...
securepubads.g.doubleclick.net/pcs/ Frame 678D
0
56 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvd_tj-yQ9ueAe0Vt0NwhxCWSexI0dWck7JEjwB4eL6W7qa-ogE03knoOUD-hCkFxFxak90tEd3tFUnE2DMkc67OntCYoV8_NY9Zi5JLyES_455bnXKxvlwZXC7lKbMlYNGihVlOkP8XRh7cJLrn9Zr5gD8ky04tvXuQX7eF2vqBAZEo0KweY7S4HK0k2JuQAC3Tvys8SuTq-bQFiQuo6aZTaDO0WRixu-EY1dDH2L0VoiPfTC0dKtES2yh1AlS5skoRsUbtA%26sig%3DCg0ArKJSzHsq5UJFNK5EEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/012005262159000/ Frame E0BD
202 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22422
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56265
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:32:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b3afaa85c48c2d0"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:32:58 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E0BD
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46080
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5893
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c581cea2ef0aefe"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E0BD
97 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
22419
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29929
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 21:33:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22e1efecde29c9e4"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 21:33:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E0BD
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46089
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1719
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc4637e8702685f3"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:31 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005262159000/v0/ Frame E0BD
48 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46093
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14997
x-xss-protection
0
server
sffe
date
Wed, 10 Jun 2020 14:58:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"de17760b9f621603"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Jun 2021 14:58:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E0BD
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E0BD
295 B
357 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73686
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
truncated
/ Frame E0BD
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48a962ad15a2bc6d1c5384205ca2c0ab3c43a747258204a4f1c5fa52f1bdf889

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4259266700532626&r=300x600&w=300&h=600&a=0
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5439139057868061742
tpc.googlesyndication.com/simgad/ Frame E0BD
39 KB
40 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 May 2020 05:39:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Sep 2019 18:15:42 GMT
server
sffe
age
1289242
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40355
x-xss-protection
0
expires
Thu, 27 May 2021 05:39:18 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E0BD
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cez_0H6nhXvTjHpP43gO_opbQBvbokZ5dzbPx4JcLiZfiksgVEAEgiIC_FGCRtI-F-BegAe-yluICyAECqQLWFHpHJBOzPuACAKgDAcgDCKoE5gFP0Jq1IgCcSgZzlLCa9ijHNrZFxYEOE_9q3-M43Flcuhkd1PE50NXSBsUvyQ9ssuXoHDWd4OB07FBx5VImOkHFChNpLceIiveM2SoZ_JTe_z82pOQzyPF8B3DoSNUieJbFhhVtcNDCch2pToGGAmqCeussYEQp78aZi1nuVGQfeqBEGAJfzqA5W5MJKZ6i9xalsrqAZQw1YxbERg_1pnQdInfXDEgcJlUQEzWbKd-K9hVzOzQ8hdfjAPG2QFQBuNQmsiF-P0qM3cHlvR6-74uILXHzhgaKwhu9x9kWIYh-zzRu7mus8cAEhLqEh6cC4AQBkgUECAQYAZIFBAgFGASgBgKAB_nM6Z0BqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEM2hGNIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tOTg2MDI0NzEzODA5NDE3N4AKA8gLAdgTDQ&sigh=ZseKYFhvnAs&tpd=AGWhJmvnmt5NyQfneZorJn_uIeduUCxuz3vA2Kz9FmiCMsODCw
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

1153452811013376518
tpc.googlesyndication.com/simgad/ Frame AC4E
826 B
890 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684782
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame AC4E
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3e0d96bc30946300f11294e99b288dee62a471acd58112bfc24075fe0eaa528

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjss7RCzXtujm2TV0p8NQokpyuqXB4poc14voa-Ql2_jeIx_d9JVXaIRm6QLazwG9dR2uTGvMgzbegZV44ZGdziqe2lLim2Vb67c5F1qLy0zgHCGVQE-yOoXg-mAEVUF6z3uSZXBE_u9Ne58-pjhBRMeJx4nVVKjz_Kg8oLSQhas1HCX3h2Az...
securepubads.g.doubleclick.net/pcs/ Frame AC4E
0
58 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss7RCzXtujm2TV0p8NQokpyuqXB4poc14voa-Ql2_jeIx_d9JVXaIRm6QLazwG9dR2uTGvMgzbegZV44ZGdziqe2lLim2Vb67c5F1qLy0zgHCGVQE-yOoXg-mAEVUF6z3uSZXBE_u9Ne58-pjhBRMeJx4nVVKjz_Kg8oLSQhas1HCX3h2AzwDD9812kjDgiGzpoWPAy7JNpOVKSUfs2HBJAYJaeUhbbT3JtQpljaqG5OOxxVyjXfkzw7e0T6ZqJEGwIxemxBg%26sig%3DCg0ArKJSzHO8R1SeqsydEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame BC61
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684782
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame BC61
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b79ef9757beda3da3a9fc0ea61fe8f9fd994e2117485de2d0ff9882c9b4b8ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsu_L-5vCP0ydPmoKmYL3QZGo7tKHtKyU3mLuPf1IKEAnuiFfSlsl6MqUjMGmWRPjpmUUh4eHaEGUvMp6HwPFHABKaiZKc3k7InQad-KKOtxUDc8fHKLyJsHY6f7X3ppYEZHnIJvst7VHfuPrKwZErfGEI4h_iJ0rFYR5bWK1EVUmW6Jjffb...
securepubads.g.doubleclick.net/pcs/ Frame BC61
0
58 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu_L-5vCP0ydPmoKmYL3QZGo7tKHtKyU3mLuPf1IKEAnuiFfSlsl6MqUjMGmWRPjpmUUh4eHaEGUvMp6HwPFHABKaiZKc3k7InQad-KKOtxUDc8fHKLyJsHY6f7X3ppYEZHnIJvst7VHfuPrKwZErfGEI4h_iJ0rFYR5bWK1EVUmW6JjffbkZRXNgb3md_xq7NyQsp3kZW_ZsSS2SpICruSPENQqE_OFa2H7PeR9cJIYbu_cutQmJrAXOQnpv216UZCnrtKCA%26sig%3DCg0ArKJSzMg_ytZ2KKKvEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 5169
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684782
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame 5169
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00fbfb67b4dac12f83acacf0a9bf38a7dd2cc318e0f96a4c1de87ee4d5c8f331

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjssGgs-_fr7TKuzycCJuUP7Xgd8a9jccVyApXzfjPJwXysvU_5ZnpFDjVOKnNCV0d-xHUoTdSwzizrLjobo5_3Ii1SXdFuf90qqFGan1x9Y3JErdZwTubSOsOU4qPH4MDhGPx1ZHAc7pmptcDJF88zbf-uwNwlIdqwypiOgaIjgec_UK0skV...
securepubads.g.doubleclick.net/pcs/ Frame 5169
0
58 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssGgs-_fr7TKuzycCJuUP7Xgd8a9jccVyApXzfjPJwXysvU_5ZnpFDjVOKnNCV0d-xHUoTdSwzizrLjobo5_3Ii1SXdFuf90qqFGan1x9Y3JErdZwTubSOsOU4qPH4MDhGPx1ZHAc7pmptcDJF88zbf-uwNwlIdqwypiOgaIjgec_UK0skVeVYTsB1KXHOAgGqrpmU2NmnahfX_t7TsMfPr4UK6jqGiva6Rh71VM6vbJIhg-1f7AS3P59go9k74RkYwbiwPBA%26sig%3DCg0ArKJSzL8In277kKghEAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
audit.quantcast.mgr.consensu.org/
80 B
486 B
XHR
General
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1591847200098;Wccftech;https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F;;;;;p,on,false,,1,en,34,205,true,false,false;displayConsentUi:mandatory,;GDPR-apmkpifp0blgtxh21krt
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.198.18 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 19:16:17 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary
Origin
age
30624
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
UiIFZBbkP-FwnN74DJgym3l4r6YoozAO9iSg2AIg5Ayi553rcrkBWw==
1153452811013376518
tpc.googlesyndication.com/simgad/ Frame 8F04
826 B
884 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 May 2020 15:46:58 GMT
x-content-type-options
nosniff
age
1684782
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Thu, 03 Jan 2019 21:31:22 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 22 May 2021 15:46:58 GMT
truncated
/ Frame 8F04
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bea1bb6bdde76104d013a640114fc2b25a97d250b38b1d4b71b6c475a92ae0f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view%3Fxai%3DAKAOjsvbJo9KnplaoJtWRqCQ5BcGcgrOSZUO6GDIZBd2y0GWdsTzql_YOjRwOTtPX87nSp6FKpKc2X6S69jDLdx68cVXFPfDCyRwbxnVRBFLXs1Azh8HgjcWP2WWn2eIflYRT5UyV56l51kv6FK881rFLc24YlhDYnXnyENJP3-W05Mwt5mYgFF0...
securepubads.g.doubleclick.net/pcs/ Frame 8F04
0
58 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvbJo9KnplaoJtWRqCQ5BcGcgrOSZUO6GDIZBd2y0GWdsTzql_YOjRwOTtPX87nSp6FKpKc2X6S69jDLdx68cVXFPfDCyRwbxnVRBFLXs1Azh8HgjcWP2WWn2eIflYRT5UyV56l51kv6FK881rFLc24YlhDYnXnyENJP3-W05Mwt5mYgFF0QPyFYex7FD1EfPKU7En_1rY3cCG_XqWWa8SMNEWM5-PIyeWV82rewpr_UuAKCn0jlu6vxljKUKTJuB8LVleZdQ%26sig%3DCg0ArKJSzBzCu0c6QML-EAE%26urlfix%3D1%26adurl%3D
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3854
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame DCDD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame E0BD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Thu, 11 Jun 2020 03:46:40 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3854
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3854
295 B
352 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73686
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
3473937056527559795
tpc.googlesyndication.com/simgad/ Frame DCDD
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3473937056527559795?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlq0QuE81uT4dHTTx112zZNRg0-2w
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a86c119bda8f4d1d296671a10599893ae222c757a48c547242710ba4c903483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 17:56:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 06:22:14 GMT
server
sffe
age
35398
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11223
x-xss-protection
0
expires
Thu, 10 Jun 2021 17:56:42 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DCDD
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DCDD
295 B
352 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73686
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
5439139057868061742
tpc.googlesyndication.com/simgad/ Frame E0BD
39 KB
39 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5439139057868061742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm1Wt68mgLAPQdiIzzhY-27Qj4kWg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 May 2020 05:39:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Sep 2019 18:15:42 GMT
server
sffe
age
1289242
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40355
x-xss-protection
0
expires
Thu, 27 May 2021 05:39:18 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E0BD
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
59862
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 11 Jun 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E0BD
295 B
352 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Jun 2020 07:18:34 GMT
x-content-type-options
nosniff
server
cafe
age
73686
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 11 Jun 2020 07:18:34 GMT
stat.gif
referrer.disqus.com/juggler/
43 B
295 B
Image
General
Full URL
https://referrer.disqus.com/juggler/stat.gif?event=cmp.present
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 03:46:40 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=674700d8-56f8-4e0c-aecf-b9c3ebe8f945&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDRFasMPskmmtCA16It3llw&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDRFasMPskmmtCA16It3llw&google_cver=1
Requested by
Host: wccftech.com
URL: https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.188.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:40 GMT
via
1.1 google
server
OXGW/16.188.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:40 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDRFasMPskmmtCA16It3llw&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
info
gurgle.zdbb.net/
307 B
518 B
XHR
General
Full URL
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&fpid=
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.225.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-225-201.compute-1.amazonaws.com
Software
/
Resource Hash
478427a0f316adaa1eed5ee53af75b688e4fe81916a493aabb717e87e8992f73

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:41 GMT
status
200
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://wccftech.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
307
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e75fe17442d4cbf42eac9c4cbb2282dffbeacfbc26e79e5dd420fd83035096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Jun 2020 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5567
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js?21066386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Thu, 11 Jun 2020 03:46:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8705
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Thu, 11 Jun 2020 00:20:59 GMT
expires
Fri, 11 Jun 2021 00:20:59 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12342
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
check
jogger.zdbb.net/
5 B
230 B
XHR
General
Full URL
https://jogger.zdbb.net/check?href=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.13.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-13-155.compute-1.amazonaws.com
Software
/
Resource Hash
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 03:46:41 GMT
status
200
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=808828
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control
content-length
5
zd-core-olt.min.js
cdn.static.zdbb.net/js/
844 B
778 B
Script
General
Full URL
https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.224.209 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
cWmL8LvNBPCKvMbxX2bcL1dmlfbjaM1F
content-encoding
gzip
last-modified
Thu, 21 May 2020 06:25:11 GMT
x-amz-request-id
8E16ECC3A8590A48
date
Thu, 11 Jun 2020 03:46:41 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
464
x-amz-id-2
lSg4YYrBMHn3Wx8AQfGF0l8LlL1DkCtXt+4DhsvOPX1EUZmTJLQfDYqkzDAogvWTN3quG6XubVY=
expires
Thu, 18 Jun 2020 03:46:41 GMT
bk-coretag.js
tags.bkrtx.com/js/
30 KB
11 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.245.241 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-245-241.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
d406a6cab9bdacdbb630437c932d1c38fa7ebbfedccb57b90952610e8b2b2130
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Tue, 26 May 2020 20:03:16 GMT
Server
nginx/1.15.8
ETag
W/"5ecd7604-784f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Thu, 11 Jun 2020 03:46:41 GMT
Connection
keep-alive
Content-Length
10652
Expires
Thu, 18 Jun 2020 03:46:41 GMT
krux-coretag.js
cdn.static.zdbb.net/js/
335 B
566 B
Script
General
Full URL
https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.224.209 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-224-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
0N84oHjM4acnCSnzsSmwGIXqQ6yNm8kv
content-encoding
gzip
last-modified
Thu, 21 May 2020 06:25:05 GMT
x-amz-request-id
94FE31EB6198008F
date
Thu, 11 Jun 2020 03:46:41 GMT
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
255
x-amz-id-2
eZFC/6oqWTApHF/6BwomxkdZvv07TMQBSRu1qZuD7Lzx7tf757Qrd8bMy5W0eHJThAOslLYthDg=
expires
Thu, 11 Jun 2020 04:46:41 GMT
z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/
43 B
108 B
Image
General
Full URL
https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=55a873be-38ab-4831-a3e0-703e041d9a63&zd_location=https%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&evidon_consent=undefined&third_party_consent=&fu=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.89.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-89-80.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 03:46:41 GMT
content-length
43
content-type
image/gif
spgdj7g8u.js
cdn.krxd.net/controltag/
2 B
385 B
Script
General
Full URL
https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 11 Jun 2020 03:46:41 GMT
content-encoding
gzip
age
954
x-cache
MISS, HIT, HIT
status
200
x-app-cache
MISS
x-age
0
content-length
22
x-served-by
config-service-a005-ash-prod.krxd.net, cache-bwi5142-BWI, cache-hhn4082-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1591847202.633642,VS0,VE0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 7, 35
30629
stags.bluekai.com/site/ Frame 6D8E
0
0
Document
General
Full URL
https://stags.bluekai.com/site/30629?ret=html&phint=site%3Dwccftech.com&phint=referer%3Dhttps%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&phint=bbseg%3D1100034&phint=bbseg%3D1100037&phint=bbseg%3D900111&phint=bbseg%3D6929&phint=bbseg%3D900115&phint=bbseg%3D6816&phint=bbseg%3D6817&phint=bbseg%3D900002&phint=bbseg%3D6819&phint=bbseg%3D6947&phint=bbseg%3D6821&phint=bbseg%3D900003&phint=bbseg%3D6823&phint=bbseg%3D6825&phint=bbseg%3D1100077&phint=bbseg%3D6833&phint=bbseg%3D6834&phint=bbseg%3D900018&phint=bbseg%3D6837&phint=bbseg%3D6845&phint=bbseg%3D1100095&phint=bbseg%3D6848&phint=bbseg%3D6850&phint=bbseg%3D900164&phint=bbseg%3D900041&phint=bbseg%3D900169&phint=bbseg%3D900049&phint=bbseg%3D6886&phint=bbseg%3D900200&phint=bbseg%3D6889&phint=bbseg%3D6894&phint=__bk_t%3DMicrosoft%2C%20FBI%20%26%20Others%20Partner%20to%20Take%20Down%20Massive%20Andromeda%20Botnet&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwccftech.com%2Fmicrosoft-fbi-shut-andromeda-botnet%2F&phint=__bk_v%3D3.1.5&limit=10&r=45843478
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.43.114.84 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-43-114-84.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
9310
Date
Thu, 11 Jun 2020 03:46:41 GMT
Connection
keep-alive
X-N
S
gen_204
pagead2.googlesyndication.com/pagead/
0
55 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020060103&jk=4259266700532626&bg=!YGOlY3tY6fL7LRr_HxwCAAAAb1IAAAAVmQF0l3EujjBH1JdKordQKshrPCF6xTnceYPNmWJm5pdY0w76vBeFEYoOlHOT9tTrP53obT7puDWRQiTr6XPhFGCsy65h62ZJ-3AjabJL_u0u64HAVUhhKqq54UXsajpDYhYqmthHCFbVF9sSrx0yQo8aOfaXA2_HwuFMngUs2qygIdlJs7Ydd0U9w7i4ZbFOt3W_uSam083Q3DZlFLX2cQ2FD32ql_FbkeXoS6dq5ITmBEpG550o8TbN0dn-SAJUsHeFBCPV6HVQfZ4IsAd47vThMpFmXg9U7bhiRYtcQyEDSM3p8cnS8LtbF52XeuRti4W-W13ZmK79EYAk8gmkq6bk4e_Wuu-wDwmyOliiQrZE62R7uLludEbo_xINuuBgNtBlYuoshenwXqipHd8SNqw9wxoNkOV8kqEncFpz7aJ_NVqnOgbaAW34QuNNE-cqctPetER-EReYX7ZpRSatSOhErcQ8PsBDQ_qZhXaTrHf8bFk6s2C2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3854
42 B
112 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3O9ltewNqPD0r-siyzAUfO_Zn3DcHeFr8QhhBRtvpuo1dtESGBWzxr_VmDe7XwIlqotSOePhJdHuATUeL0eluSHl7nU-d1DAw2t0_NCa7zYEYRtAZ9lJu10GNWA&sai=AMfl-YQ9hjHHa1ej_Y03SHlrhtcjPNGnx8C-KUrcPP-4_Gi6coqe5r-0Ss3o6SKgSRGztzoqGRT4yjuMJBrIok0ikIXZzER7Qh3OtgGsEHhl&sig=Cg0ArKJSzE3A9idv8_awEAE&id=ampim&o=315,150&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=303&tls=1304&g=100&h=100&tt=1304&r=v&avms=ampa&adk=1703312837
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DCDD
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxocbnwowloaYnfJLA8wqUIxyxo3RkFH5HT_LQoU_sFc_iH-FHdKWzo03isXkMUSX5P76Urp2g2Py_rWNml9sF0GP_rsrladhVO8LY4gy-15Fzp_OMXnC22wCM2w&sai=AMfl-YSUx4F6hxspBMSrz9Z_EKY-9XTprBgapAyj_ZPYUUgBxncFMzWtMkixRdvGq0LmysGY_9JWzwwKO9eSY_gkKE4sXdPIEAd6P0ijDFytQw&sig=Cg0ArKJSzFu7QzNuWvsREAE&id=ampim&o=1050,559&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=276&tls=1277&g=100&h=100&tt=1277&r=v&avms=ampa&adk=4038910844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wccftech.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 03:46:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssHurOLf4StNj_qtTRcjeQ_Iu6CCDtOWx0MUmlgrJZ3vBCYyWImhfqkEIOPpNkxK1B-2GvGtKYWwdTZM8-C4cp70uxhabe7TrCzt9Uk3CRy1yHO5WSSypFHIWkUfQybVkDLotuk7TMutXZ42q6iZfaHD_WPqN80glCe4asCuwNQBRpF8PnsmANSK_0z9-JC5xMuqxY6bxOdt-ap65gDxZLu6esvRDQp53sqU6jdfxz8MtgmJRSMZq-hV_pFRODn5ldgeUcnSg%26sai%3DAMfl-YQ6UXzLGNOoHzwI2D_XMogTrXa7FsL6RWjmMzDqxu4RRrw8BOHH3kRaj1bU31V8OrFzqDbMB_es-2FcYwJKsHvmbVsWq4MIPUX5mEbIzQ%26sig%3DCg0ArKJSzAEanEnjGZnxEAE%26urlfix%3D1%26adurl%3D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssSyyQVazHyKqpxlOayvdXaRC1ZosCdtW9w-1M7MsVMHy9lWCHRFsbMiP_s2tWHSmTYL1l-udJVIavxOHtsBz3Gv68k7yz83b5ScRkmlQkEC3-g2YxEHGTa1j1b5fKkb8fUomy1pphj1LbjaqJqU9HtiQTG3u_dEXvGAf6_OUC7Fjh0M4ApEOWObA_ncNXxoWE6cpQ_zsW6k4_3nrOykM4DPLhdE6vFfZNmyGff8ihLXaxl_XhVz3tfiMTi_bP0n6xpWinQeQ%26sai%3DAMfl-YQr3RsCkA8iypknfXrhnOtb0LwgS_sUq5sqVEDPuUt7Szun45B05ywg78JyRhlFSwO0tYdx45ZbtaoCnOiyqM3ykWlYwkIs_LD6R8GzOw%26sig%3DCg0ArKJSzJwiWHC-oWMREAE%26urlfix%3D1%26adurl%3D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvJyXlOvH9xz-N1Z1Qa0xXDTeePUGKvPwpN4k243eJhAInm-DxCeg40PPv2wPdL-TFftMkfzAXsq2xNOtiOB1qD0ePafWggKy3Fr8UA35e8tI8jg5yEVw7Jb9fax--iYGGXP0C7rjY70vTqZ0a33H2XGszjEnN91Q8TC6pBAPOn8Psgo25SNhuCK02izBCuse6gi94Kkc5kM0g2XcolBuJSD_QKeQXtTAu6YBsAVgqmDh8rP-FfnWrTowPhCSDgEReSHJ2qIA%26sai%3DAMfl-YT1aWIAqFDHpvY-jzkvVdZ3vH4B_8EcjnLsNm00yy3clMpZM7veK59ZZ2IOu4tmxsUTc9a5k-QXwhcYUqw7GaJgKfekG80l4ah16GkZ%26sig%3DCg0ArKJSzKTDh2wdP-fREAE%26urlfix%3D1%26adurl%3D
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjssjF7DQHLS5KFIjp_Fxa-8nyU3h2psL-T44Z6LFOKg4V1loRH74jtPLAmgv8XtcymXNjCR_no2DyrsOvUB81NAZIUGBD2Lz7R8LAC7uXJd68hHCabkt-yRN-JuV3K4U_UuW58H3_jMsdBgpmvi5WP8OaCIMg4WUhcCQ7IML4M1yaE-HxkO65JRe1zGfF72gB6mxvPhyivA_liF1VPb9mkiAFR3NSHWwxknNj2larh0lT-SaiqeRh-8yVFTw-HzflPmIVCJ2Jw%26sai%3DAMfl-YS_tuZ1cNDj-RtgnqDbQN3pKRSA8WPKQaxT41ghz1IPgbmqNY8z7osDlDvHJuCch7sCEokKSnIuxan17R26LHvUgLZEnrkzZ096Kt0b%26sig%3DCg0ArKJSzC82HEx0yzc2EAE%26urlfix%3D1%26adurl%3D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuJC-fVJsQeDKbchq-sSu6xh5mkjuJ8lD9Y1rS3ftHTYWHS5SpYVf5OnSIS9iyBhRct4IFaydqWLHfZhnYwNv0eOw9na8uaqj7Ynta9kr4A7vuMK_mBKqxKn7T4gaVd4vS7zjKZM8EeJd-rmigqY_ozwes0wuyEUGN3lcOXeVq07ZltCYaHPOnVFEKVUKBuIfG6Awc6dXmjCZkfUith7D0koRaX_G2QlZRMFVuY_vGS6XZOH2yAUFFW4Az0hCW2W-S5vYJzbg%26sai%3DAMfl-YSZ785dRmsTabkBqyJXNtrtY2RsLu_8g9haPhhmH_ZzvPEHbJTyf-5DiCo9WZxkbO9Exjrm0PPxIOViOkwW8okaTkeqxh5l9XjSJ3nzpw%26sig%3DCg0ArKJSzKw8yfNbViC0EAE%26urlfix%3D1%26adurl%3D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/1153452811013376518?
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsuaiUKAlSqYpfQjUoobvNjI-lo-mwrmOk_goRQ8S7NYg8dYKoS7P81W7Kwnv2DwbIQIhMq3NilYP7AELve4PfbO_IwAFB9KBTKijm0RbyCFtEKJuF41dvcPfC4STDK5-Z94WWQ94agAwlmid4iTlPDoXRXsSbbxoVk_3HRVr_H20IShTCMYfCfnO1ihLI5C1tytviMFUNmP2kS7HEF9sZTbOD-ukPM-RGSSx4La76TAkSBEJ8zne0RAuJoDCCJqrPDbLCA6JA%26sai%3DAMfl-YSHyWObseX13DAkmZfsw0pYaE64dlQL25TWwj4vhJMygVMQVIrZ2f2CC7J3VH3DGEuhTWH1tkpsfE6Fde9Wj3ZNUwemi-Nds_Bu-tKBe7uFlf780_bUubR3s0vwcuw%26sig%3DCg0ArKJSzCtupMB-fiFTEAE%26urlfix%3D1%26adurl%3D

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| algolia string| pixelRatio string| GoogleAnalyticsObject function| ga object| elem object| scpt function| __cmp string| mypage object| priceGranularityConfig object| adUnits object| apstagSlots number| PREBID_TIMEOUT string| PG_LOGGER_URL object| PG_BIDDERS_MAPPING object| googletag function| fetchHeaderBids function| _objectSpread function| _defineProperty function| _instanceof function| _classCallCheck function| _defineProperties function| _createClass function| SmartReact function| Slot function| Ad function| isRectVisible object| smartReact function| addSmartReactAdUnits function| PgLogger function| pbjsChunk object| pbjs object| _pbjsGlobals object| __core-js_shared__ object| apstag function| setImmediate function| clearImmediate function| UUIDv1 function| clamp object| STR undefined| UUID object| Audit function| fbq function| _fbq string| disquspageurl function| disqus_config object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| ownKeys object| _0x5738 function| _0x1fe0 object| BT object| BT_PAGEVIEW_MAP object| blockthrough object| BT_RETRY object| BT_REDIRECT_RULES function| truncate_text function| do_share function| getParameter function| $ function| jQuery function| Headroom function| wNumb object| noUiSlider function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| NewzmateConfig function| safeLog object| jQuery112407583646881350847 function| pb function| beacon function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amazon_assoc_ir_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| $jscomp object| __stitialW function| __NSGPTB function| __NSGPTDummyCMP object| NSGPT object| stitial object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| Adomik object| _comscore boolean| __NSGPTBp string| google_page_url object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| core function| __uspapi object| DISQUS boolean| apstagLOADED function| a object| b boolean| d string| e undefined| f object| Traqli number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| udm_ object| ns_p object| COMSCORE boolean| SVGFEFuncCMYKElement boolean| YSVGFEFuncCMYKElement object| Ci object| __upo_d boolean| uponitAlreadyLoaded function| trackingUtils function| elemTracker object| amznAutoTagger function| __cmpui number| __google_ad_urls_id number| google_unique_id object| pvar function| gaTraqli function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick boolean| __pvsent object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| zd object| GoogleGcLKhOms object| dataLayer string| __ZD_CPID_ object| __ZD_USEG_ object| __ZD_SEG_ object| zdcoreSignalBuffer function| Krux object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut

1 Cookies

Domain/Path Name / Value
wccftech.com/ Name: fu
Value: 1

9 Console Messages

Source Level URL
Text
console-api log URL: https://pubgalaxy-com.videoplayerhub.com/gallery.js(Line 1)
Message:
Video gallery initializing
console-api log (Line 1)
Message:
div-gpt-ad-wccftechcom37090 not on page
console-api log (Line 1)
Message:
div-gpt-ad-wccftechcom37089 not on page
console-api log (Line 1)
Message:
div-gpt-ad-wccftechcom35855 not on page
console-api warning URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api info URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 2005262159000 https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
console-api info URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 2005262159000 https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
console-api info URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410)
Message:
Powered by AMP ⚡ HTML – Version 2005262159000 https://wccftech.com/microsoft-fbi-shut-andromeda-botnet/
console-api log URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1)
Message:
ZD Core :: Outbound Link Tracking Initialized

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d8103fb21d776cb7a874fb3c68381c4.safeframe.googlesyndication.com
aax-us-east.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.skimlinks.mgr.consensu.org
api.traq.li
apis.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
backend.upapi.net
c.amazon-adsystem.com
c.disquscdn.com
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.krxd.net
cdn.nsstatic.com
cdn.static.zdbb.net
cdn.wccftech.com
cm.g.doubleclick.net
connect.facebook.net
disqus.com
dsh7ky7308k4b.cloudfront.net
eu-u.openx.net
fastlane.rubiconproject.com
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
g.pcmag.com
googleads.g.doubleclick.net
gum.criteo.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
ib.adnxs.com
jadserve.postrelease.com
jogger.zdbb.net
load77.exelator.com
loadeu.exelator.com
mrb.upapi.net
mug.criteo.com
native.sharethrough.com
ns.zdbb.net
p.skimresources.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
prg.smartadserver.com
pubgalaxy-com.videoplayerhub.com
pubgalaxy-d.openx.net
quantcast.mgr.consensu.org
r.skimresources.com
referrer.disqus.com
s.ntv.io
s.skimresources.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stags.bluekai.com
static.quantcast.mgr.consensu.org
stats.g.doubleclick.net
sync.crwdcntrl.net
t.skimresources.com
tags.bkrtx.com
tpc.googlesyndication.com
us-u.openx.net
vendorlist.consensu.org
wccftech.com
wccftech.disqus.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.skimresources.com
z-na.amazon-adsystem.com
zdbb.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
104.111.224.209
104.111.231.145
104.111.238.139
104.111.245.241
13.224.198.18
13.224.198.97
13.224.199.29
13.225.73.116
130.211.23.194
143.204.95.142
147.75.102.200
148.251.128.74
151.101.0.134
151.101.112.134
151.101.114.133
151.139.128.11
172.217.18.162
178.162.133.150
178.250.0.157
18.196.217.48
185.33.220.244
185.64.189.112
185.86.138.78
195.181.175.48
2.18.234.163
2.18.234.21
216.58.210.2
216.58.212.166
23.43.114.84
2600:9000:20eb:ba00:1:af78:4c0:93a1
2600:9000:21f3:3200:2:42d9:3100:93a1
2600:9000:21f3:4200:9:46dc:4700:93a1
2600:9000:21f3:4400:9:46dc:4700:93a1
2606:4700:20::681a:346
2606:4700:20::681a:91b
2606:4700:20::ac43:4acf
2606:4700::6812:a913
2606:4700:e2::ac40:8526
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9a
2a02:2638::1c
2a03:2880:f03d:1c:face:b00c:0:3
2a03:2880:f13d:83:face:b00c:0:25de
34.237.225.201
34.253.109.165
34.255.89.80
35.190.40.172
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
35.244.246.232
52.30.27.50
52.46.141.211
52.5.148.243
52.94.237.66
54.172.13.155
54.77.157.39
69.173.144.141
72.251.249.14
78.46.98.130
005cc16db71f1102e421a2c8ae20881c3eaf52f152dc503951ec1b7dd31b193a
00fbfb67b4dac12f83acacf0a9bf38a7dd2cc318e0f96a4c1de87ee4d5c8f331
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06a87bc7a6cd456c39eb8dc4dc9cad3f9c508f503e5d00bd37505629a0876fea
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
082928d3ddb26cb1bc249c81f721b764d624e1cc300fc62c1fcc8f9c3e167c5c
08605dde0f0c8b2b266cb546c7ef8b6c12040db8924bfb4612a0fd39e482f922
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
098b2db1c7c0d5d86b829d845136435d1c9754c2153657557570ea32f6d231b4
0a6ac53afb044518ae02aaccf12cfcd5d8ef3cb4f43fafb80c6b389e91cad05b
0aea393395a2ddccf05360c9f912521494e9f6840464d2c312028765ebbccc04
0dd081b756f78b91ede49dee75a7bc75c17e4058b831a9388821046b08a40083
0e4caaefe6e636e4d3e6b9950f4589681a9b691fd4f54e96eb5cfc914d325aca
0ecb77538949b64f9a16422a41e21694d93b94a840ad6d76fcfc4b971660f8ed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b867c531f214d1e45961185edfdfc3553d3207e1c48bb79ccf79910d1567dc
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
13e524226cb57622366c08ba4ba0e590e012c76f994cd1167cb2d646cfb537a8
1ab333ecb3ef59c03bd8f3b91ba354a2a754b4c81fe5a6cefbe6b153074b7b02
1ab5373bb8b6a623f8f95c53297b7aa5b59c91a3b7781e30f5205ece928652d4
1bea1bb6bdde76104d013a640114fc2b25a97d250b38b1d4b71b6c475a92ae0f
1eb29ea88ac410c1cf329af83a91d2453b9d9e1f5371eff2f20cdaa379388e43
1ef6b8dd7895bdad76326e7aef51b0ebbfaf5daff8891cad7d4130d6c0beb3b0
20771dcfdb184e0554b5d7e8e997114d44ec4e3d491fec3b4fe2dd2140cbb4f6
2213a2eace5f9bb66a83e282f9955f18ffdf8a7c4cf5b4fcab1afb682c02eb77
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d233c1838084b7e804e0e7a887190eeeb356132b1f625c7fa96ed3efd61e8b2
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f74b30a08aa447804cbab90fd60da5879e441e9b44b22da9aee9187b948e86f
31046614b98ff4b0870e87c117221261220d37a504ce4bf1e4c2487ad1d35bde
3231bc2f052fb20c581286899b6993c53eecfe6baefa71807ed48a04b8d9b69b
345de54e9a54f40ecface810d1c0e557f1c97d3fa8d7ddae3de33bbee6797369
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36635da2181832c45ab3139bf0abe888a3cc9dd82aa13d2ffd20c6817dc1a8ae
3759503231bb02182792f15178222438d49df7307025cd0b7818c421f7380a44
38997f0b9bb8b0d35eb0c1f9e1b05249f6f1e9972419d4f41ff389e3a35eb924
3af1040f40683c251264df004d2ff25d93970cb1300258008256db650dd106fa
3cadc485b9c29303ed57dfb909a3e4acecece8704b3aaca8d22dcc57260ef111
3edae50a98ecc613226e64badf66c9641c26e5451af4fc0618ee6d5b5c140533
3fa473d6b3c64226cfee6729a9c111dcef10b1312b1f5806036e7ea8348b2f7d
3fba340c6314de4aa9ebc5e48e2af7e0eb55506632ce04687fad81655b8752fd
40802b18012d21efc49785fb8b8defab5bf92650667f3d3cc894d8cd4abfac6c
41058e6d31b6d9cc77ab0ecfdf28397f96e4b13cefdce8131004e3db6899263c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446985e3f4d16f368f010cd7461820dec631794a53fbcc49bb97605f2255720c
44c110b9bb44640e7485739286c8208a4204479b5a62f697eb3cd5ffc44a4fec
459bf4c8e9463bb1488cdd3722c1cfda327d24386e2c23b629eb54bb8681f590
459f8ac1f0c7b7bbf002e9608b5b7b2fac840e9ed60f75987be8b70b5e78b52b
46c9ef7f7c5ddd89e7f67f0816a333af66a151d056f6e4f7d716ddd107589961
46f26760a3f1c3dd2655e9fa62fcaf057c9cc96cf41c96c4132bb6fcbc2fbbcf
478427a0f316adaa1eed5ee53af75b688e4fe81916a493aabb717e87e8992f73
481f0036417fb01173d98ad6708a17387f92ddfb1ed2e424d6e90c0fa168a4ec
48a962ad15a2bc6d1c5384205ca2c0ab3c43a747258204a4f1c5fa52f1bdf889
499721bc8b9008e6012b07c310c97ca23ae655da513893bf1c454fbabd5c0211
4b79ef9757beda3da3a9fc0ea61fe8f9fd994e2117485de2d0ff9882c9b4b8ab
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4d925092717cd45e755be127349de89186b0a879f3f29f0f77172d63f51c173e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1b5e4db91e64909e29b8fadf3d1f6b7eccb0cec39b05d70f47c0ba53742953
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54e079809f5a8840136fdd7f7f50fc5cdb4adefeee57a8bcc087c439652236a1
5a9ae5c1760f19f103a43825fa9fb5d4be966e6bc63509e3aa34810be08c105c
5c1476ae8bb745d2f600abd7d6263f0b8f3bd4acb6b0e31345e11d17742f85ac
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dc917ab496c27280b16415e26bf3bab653225969054258bfeceae2fb0f525e1
6419e473a8408242b49201c8bfbf2b31116ead7ddd8fe369a2f226a8899d0653
697826ee0c6874562a5f151f0352e0b25208eed7bad2e744b14d7433802a4c82
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
6db09b8713da8417e6fc56c7aa0d5663158b8081855b84c078d91b862b87b235
6ec26bc7f406efd6544ed1ee5eb108d7c8f449edd950d1c8f79875e15b6eda7e
6f05a83ebb4a781650281794595443eb05cc5cce25da5d6ce986241322949196
7069e9fb020f31adeca9977f0d2b9fc3e9c8485ece27ed5c926fdab0341c418a
71b0eb5c99ee8901f1f040d51d3fe194bd0d505d41cfbba3105a5a187d2e6c8e
72166cc8c1ea2799099c8fd74599445a76ef623744026109a7930624f6d182f5
724c1820cefddc2e026ee1c3baf8903ac8a517bbc486dbcc8976b9ae176449cd
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76e7081c080da7975a6e9e3b189b015889eeef8f164b8b6fe3b39edc24704215
7a9a103620c94bb2e6fb385f31f94a1a68d4b8cb02c133a068d7dc4d3b749766
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85931e517e6710d635a90e749e109df46f53707eae53ccbaf9c4c6a79fcb7b2f
8748bb17bd7f25416d4e476a16f59ab106fbb759ac55647383e48a1dd7458315
87e71034f0094f610d3cab193acd142a20bee189e45aae9b31a286fedd561a34
88e2981a75a7313ee4d962fcd1949f06d4ea5b8452dff9354ed5b1fafa857728
89fb76cd00f3c01233cac293656ae5debc20b6c7d284d69c85d4215eaa104bbc
8d6b682627316bb22e2ce8378f998737edd6ed8b6c4f45413fa39f397b60a163
8fb2aa89f6019fd3dd7f3690c99ae355c8c5b69cfdfa3cec07ceefcee59b293b
90148091592b65c71378d6b4e65fdfdc3d870c8754fb8f83f7c33ab771488808
90ea7ba6aad2b8b419d80b83c476e1fbe366622520507ca3bc220b9708905ab7
95ada40bfc5d4e78b4c5e00d152326be204b4f5e0b0c58661937e7d701a1b51f
9a86c119bda8f4d1d296671a10599893ae222c757a48c547242710ba4c903483
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9ac54d88b287834c99569e9f5e39c1bf87303abf3dead128f20b88e971b783f6
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
9c482872445c864da94bad5ace510b7ac3670c31e49830736c920bd4a676033f
a04dedbcaf16c5b0c3cb14f698c571f26a66d77de964d5e9704e2ba1a4f6724b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e44e6f90a843c471084a47ad33fbd4e6bd1e0a39b7f690ebfab937c141c092
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a40cb4a686ad6a3406309564a4c070c7966ae4f105d861d2aa5df75fcf926d37
a499a155cc9b5c460650f7aa7adbe293d1c615c214bcd99a8eb940981fb9d40b
aa15937822be183f506f72f8dcbe9ac3fae76a568bd3e90a587ea040c226ceaf
ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327
b05cd38e97f33c84092d4d31c3e0427d5d86ac8f48f0c102678d5704bb4891ba
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b291c3f636f6239c0337b11ce21c7f69ca8858dad82c6403f051b85399ae210f
b388addf9c8ba4bc2852132727bd9df68c99db7ca97d22fdb18ad2a426d02a5b
b3ebbbe85b5d4f669e77027e042e5e8f57044c52a1ff8600b20f5c12a55092b7
b5d557e67b740512e3c68e02d79526f1d7b05aa738450eae084a38db1ef8beaf
b5d9b19a76406ec4dabaa0cd78e52c7e7ae59fdf7bacb434c3640171c1024bb4
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
b7a580835e59bad7481527ebaf08ca3a959177c48c63d60ef5cdb2e12e8f470e
b98d4ecc129cf6bff775d789e04d479a9b3117820e77d01ebd645fb5179ec494
b9fd4aebf92b3fcaccabb2b38e14c4c9a0eeab59b00625ca684fd2bffae38f2f
ba2ad3ab1a3bc76b2d09ae1becfd7e6bd9d868eecc6af4d2fed12915d1d77315
bbf81561c83bed63934df4870bfe8861e1c650f74867f54b56c753bbb817208d
bca111d2b10d27e08e1852791a85aa63191b0c51da9ccd42dc227bd6dc07adf4
bee86007469e3b5172f2a232741c097f91e84646cb71e18eddd98580b7463763
c25407149a8c6d1fb034c5af2d3e00f2d39abc4766125ee810285a22a59f9489
c33c5a16b17878851070e6fcf711b776dcfa0ec67efc145f79aec0cecedbccbc
c4a50fd25a631d8f7a82c275f2d4e33a021aa54352d1839bd11bfbc2fddf8061
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf21bd1a81e1b035cd81e049532efab8247817310f3219c87ecdb212abe3f0ab
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d35acc22772454bdd4b0b2e6bf9a1e163fe7c68bad3d2ec8eabd25c319293efc
d3e0d96bc30946300f11294e99b288dee62a471acd58112bfc24075fe0eaa528
d406a6cab9bdacdbb630437c932d1c38fa7ebbfedccb57b90952610e8b2b2130
d455c5b5be75f97d7855e2cd4648bbfc378cb7726c6aeeb66a3ae0e124d8cdf9
d6e75fe17442d4cbf42eac9c4cbb2282dffbeacfbc26e79e5dd420fd83035096
d7a633af3df203cdc8665871f1e5f5457c3d8611cb4810836ea294bf281bf421
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3336905ba8f2233efb48c3fd4a4bd1f682afed0a4399c8998a1d32c8d7f2d8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e442e3b7e78c93f1e7440e6ca120b1ab069160e4524fd6e0e6a932762ce32503
e4c1ad179af2d81c199d829d3954de9158810ba92eb7097f57ffdf3d35ba4339
eaf2af2ebcac36dd63d24e607ba06f2644e48894e2e74b3d4f74858a384cceeb
ecc44ea066e591e5c4a6a40b78a52a2d2201e07969af1c671b622cb1117ff8f8
ed9be3ffe9eae79546e1fd2b98558739f75c814778bfbf04442ab618615b5c47
ee25ff7072bb91c1e6eaee9a51a6fa0bbc0f0b6973f1283bed98d15bf3377b7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16e8a90e2ad605c4bc7aeaaeebcb9599109683f1cef3983d836efd792041c92
f224aee42f316c78aedfb5947c6676ab83f1f2f3edc4cefa79c80cc2fb4f0242
f41029cf587197803d0aec6437264abf98ead3769797ef4f1a87677c36637eb1
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f5eb20011be76794550282c2735d02cae14d625e025370cd627f76a428d53d23
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a
f9048a9793b31701e9a90d37f03b7b74d4ec97f07498913582d69e804ce454c4
f96725b06253823ea61d79ddba3108d33a4f59c3b5154e695833d4036a7ef23d
fb6f3becd5ccb301b3912eb991c7e25dfd38d1c56c4590edcecce8309db0c85a
fbd3a1f0d2ceb7b0416c62e29e932c1d774dcd45e0f35857d1aa1415b2bf8b97
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf