www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us7.mailchimp.com/mctx/clicks?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-att...
Effective URL:
https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Submission: On February 21 via manual (February 21st 2020, 5:38:52 pm UTC) from US

Summary HTTP 731 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 41 domains to perform 731 HTTP transactions. The main IP is 104.20.59.209, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 12th 2018. Valid for: 2 years.

This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.67.139.111 23.67.139.111	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.20.59.209 104.20.59.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
32	104.26.12.6 104.26.12.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.175.86 178.79.175.86	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:d800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:b800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1	50.16.134.22 50.16.134.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:f400:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.95 143.204.202.95	16509 (AMAZON-02) (AMAZON-02)
3	35.188.71.214 35.188.71.214	15169 (GOOGLE) (GOOGLE)
1	13.35.253.24 13.35.253.24	16509 (AMAZON-02) (AMAZON-02)
4	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
3	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
4	52.54.227.62 52.54.227.62	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
61	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-) (VCLK-EU-)
122	185.33.223.83 185.33.223.83	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2600:1f18:612... 2600:1f18:612b:4264:cb60:d229:2b7e:6919	14618 (AMAZON-AES) (AMAZON-AES)
16	52.21.193.116 52.21.193.116	14618 (AMAZON-AES) (AMAZON-AES)
2 4	104.124.133.20 104.124.133.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.35.253.87 13.35.253.87	16509 (AMAZON-02) (AMAZON-02)
1	34.225.196.22 34.225.196.22	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
59	52.49.142.168 52.49.142.168	16509 (AMAZON-02) (AMAZON-02)
59	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
7	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
59	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
7	35.226.36.58 35.226.36.58	15169 (GOOGLE) (GOOGLE)
1	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
58	52.18.86.70 52.18.86.70	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.117 143.204.202.117	16509 (AMAZON-02) (AMAZON-02)
57	54.171.158.217 54.171.158.217	16509 (AMAZON-02) (AMAZON-02)
1 2	52.57.79.171 52.57.79.171	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
56	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
731	53

1 23.67.139.111 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-67-139-111.deploy.static.akamaitechnologies.com

us7.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.59.209 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepingcomputer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.26.12.6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bleepstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ck.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s9.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.175.86 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-178-79-175-86.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:b800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.134.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-134-22.compute-1.amazonaws.com

core.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:f400:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-95.fra53.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.71.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.71.188.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-24.fra6.r.cloudfront.net

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.54.227.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-227-62.compute-1.amazonaws.com

rtb.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a02:fa8:8806:16::1460 (Sweden)

ASN41041 (VCLK-EU-, SE)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

122 185.33.223.83 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:cb60:d229:2b7e:6919 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

slckg-phfiv.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.21.193.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-193-116.compute-1.amazonaws.com

trk.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.124.133.20 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-124-133-20.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-87.fra6.r.cloudfront.net

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.196.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-196-22.compute-1.amazonaws.com

cluster-na.cdnjquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 52.49.142.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.226.36.58 (United States)

ASN15169 (GOOGLE, US)
PTR: 58.36.226.35.bc.googleusercontent.com

c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 52.18.86.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com

bc-rtb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-117.fra53.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 54.171.158.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com

vid-io.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.79.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freestar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
233	springserve.com vid.springserve.com vpaid.springserve.com bc-rtb-dub.springserve.com vid-io.springserve.com	6 MB
123	adnxs.com ib.adnxs.com acdn.adnxs.com	119 KB
61	dotomi.com web.hb.ad.cpe.dotomi.com	21 KB
59	vidible.tv cdn-ssl.vidible.tv	457 KB
56	sonobi.com apex.go.sonobi.com Failed	34 KB
32	bleepstatic.com www.bleepstatic.com	280 KB
31	connatix.com cdn.connatix.com cdns.connatix.com ck.connatix.com core.connatix.com rtb.connatix.com i.connatix.com trk.connatix.com	665 KB
12	pub.network a.pub.network d.pub.network prebid.pub.network Failed c.pub.network	225 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	121 KB
7	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net	121 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org api.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	140 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
4	gstatic.com fonts.gstatic.com	44 KB
3	tremorhub.com slckg-phfiv.ads.tremorhub.com	3 KB
3	openx.net freestar-d.openx.net Failed u.openx.net	728 B
3	fastly.net confiant-integrations.global.ssl.fastly.net	82 KB
3	amazon-adsystem.com c.amazon-adsystem.com	29 KB
3	googletagservices.com www.googletagservices.com	68 KB
3	addthis.com s9.addthis.com s7.addthis.com	189 KB
3	google.com 1 redirects www.google.com cse.google.com adservice.google.com	2 KB
2	reddit.com www.reddit.com	928 B
2	facebook.com graph.facebook.com	1023 B
2	ad-delivery.net ad-delivery.net	1 KB
2	3lift.com tlx.3lift.com Failed eb2.3lift.com	310 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	122 B
2	google-analytics.com www.google-analytics.com	18 KB
1	cdnjquery.com cluster-na.cdnjquery.com	356 B
1	districtm.io dmx.districtm.io Failed cdn.districtm.io
1	rubiconproject.com fastlane.rubiconproject.com Failed eus.rubiconproject.com
1	videoplayerhub.com freestar-io.videoplayerhub.com	25 KB
1	addthisedge.com v1.addthisedge.com	855 B
1	moatads.com z.moatads.com	1 KB
1	google.de adservice.google.de	171 B
1	analysis.fi ecdn.analysis.fi	2 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	bleepingcomputer.com www.bleepingcomputer.com	15 KB
1	mailchimp.com 1 redirects us7.mailchimp.com	2 KB
0	advertising.com Failed adserver-us.adtech.advertising.com Failed
0	casalemedia.com Failed as-sec.casalemedia.com Failed
0	sharethrough.com Failed btlr.sharethrough.com Failed
731	41

	Domain	Requested by
122	ib.adnxs.com	a.pub.network vpaid.springserve.com
61	web.hb.ad.cpe.dotomi.com	a.pub.network vpaid.springserve.com
59	cdn-ssl.vidible.tv	vpaid.springserve.com
59	vpaid.springserve.com	cdns.connatix.com
59	vid.springserve.com	cdns.connatix.com
58	bc-rtb-dub.springserve.com	vpaid.springserve.com
57	vid-io.springserve.com	vpaid.springserve.com
56	apex.go.sonobi.com	vpaid.springserve.com
32	www.bleepstatic.com	www.bleepingcomputer.com cdn.connatix.com www.bleepstatic.com
16	trk.connatix.com	www.bleepingcomputer.com
7	c.pub.network	a.pub.network
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
7	i.connatix.com	www.bleepingcomputer.com
4	sb.scorecardresearch.com	2 redirects www.bleepingcomputer.com
4	rtb.connatix.com	cdns.connatix.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.bleepingcomputer.com
4	fonts.gstatic.com	cdn.connatix.com www.bleepstatic.com
3	slckg-phfiv.ads.tremorhub.com	cdns.connatix.com
3	confiant-integrations.global.ssl.fastly.net	a.pub.network confiant-integrations.global.ssl.fastly.net
3	c.amazon-adsystem.com	a.pub.network c.amazon-adsystem.com
3	d.pub.network	a.pub.network
3	www.googletagservices.com	pagead2.googlesyndication.com a.pub.network www.bleepingcomputer.com
2	u.openx.net	1 redirects a.pub.network
2	eb2.3lift.com	1 redirects a.pub.network
2	www.reddit.com	s9.addthis.com
2	graph.facebook.com	s9.addthis.com
2	ad-delivery.net	freestar-io.videoplayerhub.com www.bleepingcomputer.com
2	s7.addthis.com	s9.addthis.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.bleepingcomputer.com
2	a.pub.network	www.bleepingcomputer.com a.pub.network
2	pagead2.googlesyndication.com	www.bleepingcomputer.com pagead2.googlesyndication.com
1	eus.rubiconproject.com	a.pub.network
1	cdn.districtm.io	a.pub.network
1	acdn.adnxs.com	a.pub.network
1	ads.pubmatic.com	a.pub.network
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	ad.doubleclick.net	www.bleepingcomputer.com
1	cluster-na.cdnjquery.com	freestar-io.videoplayerhub.com
1	freestar-d.openx.net	a.pub.network
1	hbopenbid.pubmatic.com	a.pub.network
1	freestar-io.videoplayerhub.com	a.pub.network
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	core.connatix.com	cdns.connatix.com
1	v1.addthisedge.com	s9.addthis.com
1	z.moatads.com	s9.addthis.com
1	ck.connatix.com	cdns.connatix.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	quantcast.mgr.consensu.org	www.bleepstatic.com
1	cdns.connatix.com	cdn.connatix.com
1	ecdn.analysis.fi	www.bleepingcomputer.com
1	s9.addthis.com	www.bleepingcomputer.com
1	cse.google.com	www.bleepingcomputer.com
1	www.google.com	1 redirects
1	www.googletagmanager.com	www.bleepingcomputer.com
1	cdn.connatix.com	www.bleepingcomputer.com
1	fonts.googleapis.com	www.bleepingcomputer.com
1	www.bleepingcomputer.com
1	us7.mailchimp.com	1 redirects
0	dmx.districtm.io Failed	a.pub.network
0	adserver-us.adtech.advertising.com Failed	a.pub.network
0	tlx.3lift.com Failed	a.pub.network
0	as-sec.casalemedia.com Failed	a.pub.network
0	fastlane.rubiconproject.com Failed	a.pub.network
0	btlr.sharethrough.com Failed	a.pub.network
0	prebid.pub.network Failed	a.pub.network
731	69

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
deals.bleepingcomputer.com
connatix.com
www.virustotal.com

Subject Issuer	Validity	Valid
bleepingcomputer.com COMODO RSA Domain Validation Secure Server CA	`2018-05-12` - `2020-05-17`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-11` - `2020-10-09`	a year	crt.sh
j3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-20` - `2021-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2020-06-12`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.connatix.com Amazon	`2019-10-19` - `2020-11-19`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2019-02-09` - `2020-05-16`	a year	crt.sh
*.videoplayerhub.com Amazon	`2019-07-18` - `2020-08-18`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-10-16` - `2020-05-25`	7 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.tremorhub.com Amazon	`2019-08-22` - `2020-09-22`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
ad-delivery.net Amazon	`2019-03-07` - `2020-04-07`	a year	crt.sh
*.assetbucket.net Amazon	`2019-09-11` - `2020-10-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
*.springserve.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-01-30` - `2020-07-28`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh

This page contains 77 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Frame ID: 692E161A68398B2E8329E38CFAB3E402
Requests: 165 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Frame ID: 2BB64936EADB332079DF67CD30E1FEA8
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html
Frame ID: A5971AA87E9252691CB425CDB048DDCA
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v29/cmp-3pc-check.html
Frame ID: 306570B0C66178CF1ECDD0C807686198
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1582050353&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582306696187&bpp=4&bdt=284&fdt=135&idt=135&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3677340578298&frm=20&pv=2&ga_vid=666705958.1582306696&ga_sid=1582306696&ga_hid=1031337554&ga_fc=0&iag=0&icsg=2199025885184&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065304%2C21065305&oid=3&pvsid=3228714976394348&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
Frame ID: 45E6491141812801E495470A6EAB74E6
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BFC99D53F1671BB79A42D5CC2CEE594E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 7A288E11E755F1222723271F5469B132
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 904CF54D8B0C9BDC6297BB682AC3C094
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 71E375DF4268685461236DE349C3E842
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 39B73F03ABA85D0B0684CCC0AE0C46AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 2AE3A88ACF943C04646BD0749DB156AA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVVyC9Oyy-qwi5-9yH_XI1pb_6clFbf0Qzv2rZfd3t-Uak6ot_s7xcBTWTMx5hzbhm0ZXjLRb_LwPaEy8pY32QaC8AhiorC69YTsuKERgRvf8woUwQTdEIzgbDdG6eN5FJlg91F-Nlh3jjghz3lZXfsnzu_NdxiZrsZ_SUx2mx9hAp5-VWDK-7UapD40rpsU09br__FhrPAjCxQGsPLWSx25cwfoU45CJGtgu-d6ONIKZr1TXM6skz-eMXfhxI0avCAmGw_zW_yfZhzxLevCHWtshW-iKWyfFo&sig=Cg0ArKJSzD1uJi08gwWSEAE&urlfix=1&adurl=
Frame ID: B157369B2793846DDF68971A8B9E828D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 47542B2D7062E5137FF9C3002C5E9F1A
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: FC4555FE1EDC4CE2CCE779F54455914E
Requests: 8 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 97A3A8B654584C1755676FCCF8234975
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 71B05EE837B6C4571AA294F8E921BFB2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 87B26573C45E0E9B703956E33AA1F81A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 896C8B05B3A459633520C0D8443953AD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A482478BD45FE791AF110A3379A84DC5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Frame ID: 262A7A8E2B6191F371F0AF72C5BD70E0
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: DF421B6DB83E222060E46825B0E8F4E6
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3D6F1BFD0EA93181C788795B26722EC7
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 97963201909231215FB8797B000D075C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1F6B8E8599134D280B9970B15CA654B9
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 183C06C19E938B42AB3899AE09804A63
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 800493CC17C05901053EB246629A5A10
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6DC060C37EAC964E9C9E12C6340D6AF2
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 84D5E6A7943E88D98F85B6B48CCC97D3
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 249E65E8D40FBE0193EED41C011ADBEC
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: A92A88D443E3AD179347CD7A1FD8A69C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 356701B8253B193DAA5CE87C8F5C2C71
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 736DF672750E693494906DCEC66A62FA
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 9F42E1A636802AE9D4F496C80D159737
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 8B6EC3C0C584C6E247B54CA4785F34E9
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: CDB5651FCDD5BDD73CC145CBEDD303E1
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 734F29A236B39730AAD1408DE282A95D
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F0DCFA0DC4E96BFE0B190A181C0B5917
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1D2DC6C10E9D2CF6832B9119BC36F32C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: A9D20427AA1E887537F560680A55A8CA
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 06C3457ED1E71A4CB73D7B2F9348F097
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: E228C7EB69835E6B627A6FBA0C782D08
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3A668050C9C801D2B73BEC821AA4F5C4
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 90B8874D89F1D3138933FCAF374B0652
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 3421DE6714D5E767286A1605713B13AA
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 4B9AA6E09DB8F0F3FAEC2FE2A2544073
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 45A8A4484C40FDB2201BDD1FA2659175
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F772FE102E59044758D8F5F30C1C6C38
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 15272410877AF87EA734695F78FB51A2
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 78D5639A588B214767E8CB230530D4F7
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 60824FF258500372D706A30F0C8BB968
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 5E05D53A6EADE8116523EE4B65947063
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 7CB708CC9D3E92C85823A19660BE617C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: D45BA2EC1CA2FDFF9C56A39CA8296C66
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 35328DF05B4B6B4A94DD769C061F12CD
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 5446E57D288DBA5716EDCD89D7A192A7
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 11F5391E03708AEFE08A796BD9886768
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: D7ACB0D560D5C6614F55AA1A28F38C63
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 42F8C66AC2FC279223D30337875B5926
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: F311CE86F51AD823A118A6C29663AAE1
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 1D743E651598976A9A4E79767B9A0F24
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 8782E69AAF6B5B2ECDFDE785E30CDC1C
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BA7A2EBF1926A2818325200B540531CE
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: D7ABF9CC9BF0EDD429A0F12CC8D14204
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 67FB5454935B6569B12E1F802EC6608E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 6CE298F8C62FFF70CF20A74BFF7D513A
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 666E6A76EE1071D5F5306800FF4BDC5E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 219BB9F141F665D9BADA4F797852DB47
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 4B32B06D50662714F1E0260D41B684E5
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 99818C825A2AED4C4A38B3C44315D15E
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: DD78D95F2D5377911F0C1F17EE0ED046
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 77CC5A29D3CAB0C9B4AB4E7A68F154E6
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 005413EDCB228C93DF86698D7F749772
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 5F9DE730688D487FB69BC86D4C402F66
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: BF1EF3E4944B14E132B063D58A0B8CD9
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: A745A8329301729A6C033D479871FA8D
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 4F62C72458AB914634E2FB7F87ACF8CC
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Frame ID: 52A6EA6E12B37F0FA203B8ED734F2314
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://us7.mailchimp.com/mctx/clicks?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ft... HTTP 302
https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

731
Requests

92 %
HTTPS

33 %
IPv6

41
Domains

69
Subdomains

53
IPs

6
Countries

8353 kB
Transfer

32031 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/BleepingComputer

Search URL Search Domain Scan URL

URL: https://twitter.com/BleepinComputer

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BleepingComputer

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/elearning?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: eLearning

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/certifications?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: IT Certification Courses

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/deals/gear-gadgets?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Gear + Gadgets

Search URL Search Domain Scan URL

URL: https://deals.bleepingcomputer.com/collections/tag-cyber-security?utm_source=bleepingcomputer.com&utm_medium=dd_cat
Title: Security

Search URL Search Domain Scan URL

URL: https://twitter.com/malwrhunterteam/status/1228252672475750412
Title: discovered by MalwareHunterTeam

Search URL Search Domain Scan URL

URL: https://connatix.com/
Title: .st0{fill:#FFFFFF;}.st1{fill:#0099FF;}

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/a939d7c672de6c9bf67050a83e22cd96f7c5d1f80d6a2492a404875a8d7451b6/detection
Title: 1

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/f75480160748779eca6d5d3c5422fb48494e96c2090542f7bff99d4ff01252f6/detection
Title: 2

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/daff083981ef3107a16c404c1f4d0388e3452619f7054ab7a17578ea4eb85a2b/detection
Title: 3

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/01f4c4a3d550d430be1e613ea31c97799c40cce1c4cf85f43bfecc57d971f7fc/detection
Title: 4

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/35c3bc54dcfdf36ea570b4829939fec1e3cd9e45756c9463ab8865ab0b550fbd/detection
Title: 5

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/092f6cfb26d34f6cd037631618f4cbdc5d77b9db1d41774c4ad1c42fa0a26b89/detection
Title: 6

Search URL Search Domain Scan URL

URL: http://www.virustotal.com/gui/file/0c263468101a161376543cc3d742e9800f11299871d047ec13c9223d250c76c0/detection
Title: Messer LLC.slk

Search URL Search Domain Scan URL

URL: https://twitter.com/LawrenceAbrams

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us7.mailchimp.com/mctx/clicks?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&h=d95003584b4da424234593fa955175370a063f98d1b90418a8843626e5c5a230&v=1&xid=aa051d9a97&uid=108928914&pool=&subject= HTTP 302
https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Request Chain 131

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1582306696831&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1582306696831&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0

Request Chain 148

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=1236&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=1236&ns_st_dpt=1236&ns_st_ipt=1236&ns_st_et=1236&ns_st_det=1236&ns_st_upc=1236&ns_st_dupc=1236&ns_st_iupc=1236&ns_st_upa=1236&ns_st_dupa=1236&ns_st_iupa=1236&ns_st_lpc=1236&ns_st_dlpc=1236&ns_st_lpa=1236&ns_st_dlpa=1236&ns_st_pa=1236&ns_ts=1582306698067&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=1236&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=1236&ns_st_dpt=1236&ns_st_ipt=1236&ns_st_et=1236&ns_st_det=1236&ns_st_upc=1236&ns_st_dupc=1236&ns_st_iupc=1236&ns_st_upa=1236&ns_st_dupa=1236&ns_st_iupa=1236&ns_st_lpc=1236&ns_st_dlpc=1236&ns_st_lpa=1236&ns_st_dlpa=1236&ns_st_pa=1236&ns_ts=1582306698067&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0

Request Chain 177

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 182

https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent= HTTP 302
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=

731 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Redirect Chain

https://us7.mailchimp.com/mctx/clicks?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&h=d95003584b4da424234593fa95517...
https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

69 KB
15 KB

693ms
646ms

Document
text/html

104.20.59.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.59.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00036659b9582555aa0a8cf2358984030c682b5045bcd4d2d74fe765b29e5758

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.bleepingcomputer.com
:scheme: https
:path: /news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 21 Feb 2020 17:38:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d56010c33ee0652afcac1735513326fac1582306695; expires=Sun, 22-Mar-20 17:38:15 GMT; path=/; domain=.bleepingcomputer.com; HttpOnly; SameSite=Lax; Secure session_id=8b28f2b79e2d9eb8a24a49edc08a0c6d; path=/; domain=.bleepingcomputer.com; httponly;Secure lav=7771; expires=Sun, 22-Mar-2020 17:38:15 GMT; Max-Age=2592000; path=/;Secure
content-security-policy: upgrade-insecure-requests;
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
last-modified: Tue, 18 Feb 2020 18:25:53 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 568a7e2d6996c779-AMS
content-encoding: br

Redirect headers

status: 302
server: openresty
content-type: text/html; charset=UTF-8
content-length: 20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-ua-compatible: IE=edge,chrome=1
location: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 21 Feb 2020 17:38:15 GMT
set-cookie: _AVESTA_ENVIRONMENT=prod; path=/ PHPSESSID=6a96532c55a504b9f9cf6ea536463fcb; expires=Fri, 21-Feb-2020 18:02:15 GMT; Max-Age=1440; path=/; secure; HttpOnly _mcid=1.4b88d57a7a9838537fa3bd4670b6bee3.80971c64bcd56bad87ce59c0a517117732211810d504d67b8639f72490a2989d; expires=Sat, 20-Feb-2021 17:38:15 GMT; Max-Age=31536000; path=/; domain=.mailchimp.com PHPSESSDATA=8ff1b4df38c9aa12c08cf1d06f526a23b48e7ddc%3A1582308135%3AeNoDAAAAAAE%3D; expires=Fri, 21-Feb-2020 18:02:15 GMT; Max-Age=1440; path=/; domain=us7.mailchimp.com; secure; HttpOnly ak_bmsc=0C1941223120EEEB7B18E14B36F35EE10210B5060C3C00008715505EFB7DA41C~plCBU8jtEPJGlCG4fUbnSumBX0z96FhY0uuLSvlsafL20L0zQ2B5eIuNGNNAQgVFKAuRKA1mMah5tDY72ySYH4/TXG9CgrUzU3PkxJw/lKPQ3L9zUNxGB2gutqEv0d645q9Ut+SYry0YWfn0LJyKS8V0eI6nKIG37DFvVATNpqjZEsVMZ3ctqh14XAb3A8jDgrCQvD1RJd6OOjizVKf+toa2cBty0Gd0URm9U+7SSdJS0=; expires=Fri, 21 Feb 2020 19:38:15 GMT; max-age=7200; path=/; domain=.mailchimp.com; HttpOnly bm_sz=53B5A46A7C2F6D1624DA375B5D5456AE~YAAQBrUQAueCBmBwAQAAGxjUaAY3jlpfmHcnlfpjl9gxbLvXi1UA2FQ0o7SyL5jw0gNKa3lB7Jd7HohTLUgUo8WZKJddtYW+4D54Hg979wCCOiWIAN3SbDx4bPALJuHUfz3kFtaFIjUQn5cxCUfzj42V/EtUyhPbne+ENcSFdWdeSoQsL1bPGdm5bSvCEgJwKi9h; Domain=.mailchimp.com; Path=/; Expires=Fri, 21 Feb 2020 21:38:15 GMT; Max-Age=14400; HttpOnly _abck=0DA883A0312AE76794FEC67F8F944D92~-1~YAAQBrUQAuiCBmBwAQAAGxjUaAMvIGRJVHw5iqDiC4PUzKMhV6dIZVz3Z5OTQOYa165aXpqaf4lfb9+bMyrEq+fe30/rz65O7QFwMtM1cL5So+RxawUo/5/1h7xNj0jzP9YPhFp4HPaT1n+9F+dThlSfBWhNZ+Vb/wIqP4k1y8j20fmOq8hGlH0Wo16HVX1I2tRGR2Q1iAZhaip1s1R7qkeouvOsvnA7cMgNm0sm2F7S9w2WPELPfYqJzmasBD3F90qzxyq6lXJBpDAG0tP2rHAGKFGuc02TpSb2/3UOnjaAMcLqO3i/sidtfVrL~-1~-1~-1; Domain=.mailchimp.com; Path=/; Expires=Sat, 20 Feb 2021 17:38:15 GMT; Max-Age=31536000; Secure

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 17:38:15 GMT
server: ESF
date: Fri, 21 Feb 2020 17:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Feb 2020 17:38:15 GMT

GET
H2 200 bootstrap.css
www.bleepstatic.com/css/redesign/ 111 KB
17 KB 145ms
60ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/bootstrap.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 408
cf-polished: origSize=137522
status: 200
cf-bgj: minify
last-modified: Fri, 23 Sep 2016 14:33:06 GMT
server: cloudflare
etag: W/"2184297232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f820d92d-AMS
expires: Thu, 12 Dec 2019 03:43:51 GMT

GET
H2 200 main.css
www.bleepstatic.com/css/redesign/ 51 KB
10 KB 117ms
32ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 7042
cf-polished: origSize=60842
status: 200
cf-bgj: minify
last-modified: Thu, 16 Aug 2018 15:28:40 GMT
server: cloudflare
etag: W/"4249134023"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f823d92d-AMS
expires: Sun, 03 Nov 2019 05:26:10 GMT

GET
H2 200 home.css
www.bleepstatic.com/css/redesign/ 12 KB
3 KB 119ms
34ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/home.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 6102
cf-polished: origSize=14998
status: 200
cf-bgj: minify
last-modified: Sat, 24 Mar 2018 16:18:00 GMT
server: cloudflare
etag: W/"2402535603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f827d92d-AMS
expires: Wed, 27 Mar 2019 21:45:08 GMT

GET
H2 200 news.css
www.bleepstatic.com/css/redesign/ 27 KB
5 KB 130ms
46ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/news.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 4529
cf-polished: origSize=32905
status: 200
cf-bgj: minify
last-modified: Tue, 26 Nov 2019 02:56:16 GMT
server: cloudflare
etag: W/"400467278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f826d92d-AMS
expires: Thu, 09 Jan 2020 10:58:56 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
www.bleepstatic.com/js/redesign/ 94 KB
32 KB 132ms
47ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/jquery-1.11.1.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 12:36:44 GMT
server: cloudflare
age: 319
etag: W/"3647451394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 568a7e31f82ad92d-AMS
access-control-allow-origin: *
expires: Tue, 10 Dec 2019 08:09:38 GMT

GET
H2 200 news.js Show response
www.bleepstatic.com/js/redesign/ 183 B
250 B 119ms
35ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/news.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 4529
cf-polished: origSize=247
status: 200
cf-bgj: minify
last-modified: Wed, 16 Dec 2015 15:41:46 GMT
server: cloudflare
etag: W/"4218930423"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f82dd92d-AMS
expires: Wed, 11 Dec 2019 05:46:52 GMT

GET
H2 200 connatix.renderer.infeed.min.js Show response
cdn.connatix.com/min/ 957 B
1 KB 83ms
21ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c04e801c7134d872e0d41c00348c6ee4806f4a86027ec10e6787e502bfba0063

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:15 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
content-type: application/javascript
status: 200
x-referer-host: bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1582306696.979291,VS0,VE0
content-length: 957
retry-after: 0
x-served-by: cache-hhn4062-HHN

GET
H2 200 qc-consent.js Show response
www.bleepstatic.com/js/qc-consent/ 3 KB
1 KB 65ms
64ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 728471
cf-polished: origSize=3848
status: 200
cf-bgj: minify
last-modified: Thu, 07 Feb 2019 13:49:44 GMT
server: cloudflare
etag: W/"3981350888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e31f82ed92d-AMS
expires: Thu, 19 Mar 2020 07:17:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01ed5024d3b2067a5f268cd76d0d521f482879188c26cc6d809ec8cb2f069c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28487
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H2 200 logo.png
www.bleepstatic.com/images/site/ 1 KB
1 KB 25ms
23ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/logo.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 158781
cf-polished: origFmt=png, origSize=1882
status: 200
content-disposition: inline; filename="logo.webp"
cf-bgj: imgq:85
content-length: 1152
last-modified: Sat, 04 Mar 2017 04:12:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e3279d0d92d-AMS
expires: Fri, 20 Mar 2020 21:31:55 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

3 KB
2 KB

19ms
6ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 1302
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1181
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:46:34 GMT

Redirect headers

date: Fri, 21 Feb 2020 17:38:16 GMT
x-content-type-options: nosniff
server: sffe
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 266
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 106 KB
38 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b98f6a5ce66e34aa8219d1208b3534ccb4850e5b530390c7e757ecd62a8e733b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38660
x-xss-protection: 0
server: cafe
etag: 1699192081238138211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H2 200 twitter.png
www.bleepstatic.com/images/site/login/ 282 B
579 B 25ms
23ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login/twitter.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 154294
cf-polished: origFmt=png, origSize=475
status: 200
content-disposition: inline; filename="twitter.webp"
cf-bgj: imgq:85
content-length: 282
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e3279d4d92d-AMS
expires: Fri, 20 Mar 2020 22:46:42 GMT

GET
H2 200 bootstrap.js Show response
www.bleepstatic.com/js/redesign/ 44 KB
10 KB 30ms
28ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bootstrap.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 185
cf-polished: origSize=65813
status: 200
cf-bgj: minify
last-modified: Thu, 23 Apr 2015 12:36:43 GMT
server: cloudflare
etag: W/"3930092018"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e3279d7d92d-AMS
expires: Tue, 10 Dec 2019 08:11:55 GMT

GET
H2 200 blazy.min.js Show response
www.bleepstatic.com/js/blazy/ 5 KB
2 KB 32ms
31ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Aug 2018 21:06:19 GMT
server: cloudflare
age: 319
etag: W/"753357888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 568a7e3238f1d92d-AMS
access-control-allow-origin: *
expires: Thu, 28 Mar 2019 08:32:18 GMT

GET
H2 200 bleep.js Show response
www.bleepstatic.com/js/redesign/ 3 KB
779 B 27ms
26ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/bleep.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 1284849
cf-polished: origSize=3600
status: 200
cf-bgj: minify
last-modified: Mon, 01 Oct 2018 12:47:57 GMT
server: cloudflare
etag: W/"2696894447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e3279d9d92d-AMS
expires: Thu, 12 Mar 2020 20:44:07 GMT

GET
H2 200 jquery.fancybox.js Show response
www.bleepstatic.com/js/redesign/fancybox/ 31 KB
9 KB 26ms
25ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 1265699
cf-polished: origSize=48706
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"327140449"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e3279dcd92d-AMS
expires: Fri, 13 Mar 2020 02:03:17 GMT

GET
H2 200 fixto.min.js Show response
www.bleepstatic.com/js/fixto/ 8 KB
3 KB 29ms
28ms Script
text/javascript 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 21:34:42 GMT
server: cloudflare
age: 1185
etag: W/"1740214911"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: max-age=3024000
cf-ray: 568a7e3279ccd92d-AMS
access-control-allow-origin: *
expires: Wed, 11 Dec 2019 05:46:52 GMT

GET
H2 200 addthis_widget.js Show response
s9.addthis.com/js/300/ 349 KB
113 KB 85ms
32ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s9.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: "5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Fri, 21 Feb 2020 17:38:16 GMT
x-host: s9.addthis.com
content-length: 114924

GET
H2 200 pubfig.min.js Show response
a.pub.network/bleepingcomputer-com/ 438 KB
117 KB 355ms
326ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 447feed7ecdb9ff0a9d1989b533a8be53b4cad398d6e428dc271de64956e0c95

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 43
status: 200
x-guploader-uploadid: AEnB2UolUXfgJfr_B0tXvCuW0PNgWTvmeB4-zJnYhx8V884K__CCpDyuNVs6n7r7DHnwTSzRgPv6tfABvmqhI_aHwy14kqjDbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 14 Feb 2020 16:42:47 GMT
server: cloudflare
etag: W/"8a09cb84f790f774960c0ff22e558250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=9J1TzA==, md5=ignLhPeQ93SWDA/yLlWCUA==
content-type: application/javascript
x-goog-generation: 1581698567600045
cache-control: public, max-age=1800
x-goog-stored-content-length: 448740
cf-ray: 568a7e329d42c2a4-FRA
expires: Fri, 21 Feb 2020 17:38:33 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 3367ms
21ms Script
application/javascript 178.79.175.86
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.79.175.86 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-178-79-175-86.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:37:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Fri, 21 Feb 2020 18:37:41 GMT

GET
H2 200 login_bg.png
www.bleepstatic.com/images/site/ 126 B
376 B 35ms
35ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/login_bg.png
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 150054
cf-polished: origFmt=png, origSize=187
status: 200
content-disposition: inline; filename="login_bg.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e3289ead92d-AMS
expires: Fri, 20 Mar 2020 23:57:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2500065
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 18 Jan 2020 01:07:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2997026
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sun, 17 Jan 2021 01:07:50 GMT

GET
H2 200 connatix.renderer.infeed.min_dc.js Show response
cdns.connatix.com/p/1899/min/ Frame 2BB6 723 KB
189 KB 33ms
21ms Script
application/x-javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Requested by: Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4719d610d09328651636e3798841131926090fb0250fe1537aa9b12be332a42b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
age: 92887
x-cache: HIT, HIT
status: 200
content-length: 193700
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-dca17748-DCA, cache-hhn4062-HHN
last-modified: Thu, 20 Feb 2020 15:49:10 GMT
x-timer: S1582306696.098173,VS0,VE0
etag: "2f9f89cdf1a786d52d7516fa900c99d1"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31557600
accept-ranges: bytes
x-cache-hits: 1, 32458

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 223 KB
60 KB 37ms
22ms Script
text/javascript 2600:9000:2057:d800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:d800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a59183305b5edc165b30e0a9dd7d12e23c07aa0706c8a6e0bea700b772921067

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 23:13:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-id: QjwCjS3hXkxWaVlIvViMO2uRJkKbxqMLiLBhZ3UjmmIajSUQrckthQ==
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)

GET
H2 200 nav_bg.png
www.bleepstatic.com/images/site/ 72 B
234 B 34ms
33ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/nav_bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/qc-consent/qc-consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 156514
cf-polished: origFmt=png, origSize=83
status: 200
content-disposition: inline; filename="nav_bg.webp"
cf-bgj: imgq:85
content-length: 72
last-modified: Sat, 04 Mar 2017 07:57:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e329a22d92d-AMS
expires: Fri, 20 Mar 2020 22:09:42 GMT

GET
H2 200 20x20-printer.png
www.bleepstatic.com/images/site/ 422 B
685 B 26ms
26ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 149371
cf-polished: origFmt=png, origSize=824
status: 200
content-disposition: inline; filename="20x20-printer.webp"
cf-bgj: imgq:85
content-length: 422
last-modified: Sat, 03 Oct 2015 03:18:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba68d92d-AMS
expires: Sat, 21 Mar 2020 00:08:44 GMT

GET
H2 200 calendar.png
www.bleepstatic.com/images/site/ 86 B
271 B 31ms
30ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/calendar.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 151871
cf-polished: origFmt=png, origSize=129
status: 200
content-disposition: inline; filename="calendar.webp"
cf-bgj: imgq:85
content-length: 86
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba6cd92d-AMS
expires: Fri, 20 Mar 2020 23:27:05 GMT

GET
H2 200 clock.png
www.bleepstatic.com/images/site/ 252 B
522 B 26ms
26ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/clock.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 291436
cf-polished: origFmt=png, origSize=1316
status: 200
content-disposition: inline; filename="clock.webp"
cf-bgj: imgq:85
content-length: 252
last-modified: Fri, 29 May 2015 07:08:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba72d92d-AMS
expires: Thu, 19 Mar 2020 08:40:59 GMT

GET
H2 200 comment-light.png
www.bleepstatic.com/images/site/ 96 B
264 B 28ms
27ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/comment-light.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e

Request headers

Referer: https://www.bleepstatic.com/css/redesign/news.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 1955110
cf-polished: origFmt=png, origSize=1034
status: 200
content-disposition: inline; filename="comment-light.webp"
cf-bgj: imgq:85
content-length: 96
last-modified: Fri, 29 May 2015 07:08:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba76d92d-AMS
expires: Sat, 29 Feb 2020 02:33:06 GMT

GET
H2 200 32x32-printer.png
www.bleepstatic.com/images/site/ 256 B
464 B 22ms
21ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 148488
cf-polished: origFmt=png, origSize=618
status: 200
content-disposition: inline; filename="32x32-printer.webp"
cf-bgj: imgq:85
content-length: 256
last-modified: Fri, 02 Oct 2015 21:57:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba78d92d-AMS
expires: Sat, 21 Mar 2020 00:23:27 GMT

GET
H2 200 21beb902b545b086a90ec39f1df36b94.jpg
www.bleepstatic.com/author/photos/ 7 KB
8 KB 23ms
23ms Image
image/jpeg 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/author/photos/21beb902b545b086a90ec39f1df36b94.jpg
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 2333018
cf-polished: origSize=7617, status=webp_bigger
status: 200
cf-bgj: imgq:85
content-length: 7581
last-modified: Mon, 26 Oct 2015 17:15:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba7ad92d-AMS
expires: Mon, 24 Feb 2020 17:34:37 GMT

GET
H2 200 h4-bg.png
www.bleepstatic.com/images/site/ 38 B
200 B 24ms
24ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/h4-bg.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 150826
cf-polished: origFmt=png, origSize=72
status: 200
content-disposition: inline; filename="h4-bg.webp"
cf-bgj: imgq:85
content-length: 38
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba7ed92d-AMS
expires: Fri, 20 Mar 2020 23:44:30 GMT

GET
H2 200 news_email_icon.png
www.bleepstatic.com/images/site/ 126 B
426 B 30ms
30ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_email_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a

Request headers

Referer: https://www.bleepstatic.com/css/redesign/home.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 159527
cf-polished: origFmt=png, origSize=1105
status: 200
content-disposition: inline; filename="news_email_icon.webp"
cf-bgj: imgq:85
content-length: 126
last-modified: Fri, 29 May 2015 07:10:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba7fd92d-AMS
expires: Fri, 20 Mar 2020 21:19:29 GMT

GET
H2 200 news_footer_icon.png
www.bleepstatic.com/images/site/ 110 B
365 B 27ms
27ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/images/site/news_footer_icon.png
Requested by: Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d

Request headers

Referer: https://www.bleepstatic.com/css/redesign/main.css?v=3.29.17.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 149831
cf-polished: origFmt=png, origSize=186
status: 200
content-disposition: inline; filename="news_footer_icon.webp"
cf-bgj: imgq:85
content-length: 110
last-modified: Sat, 04 Mar 2017 20:46:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e32ba82d92d-AMS
expires: Sat, 21 Mar 2020 00:01:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2532361
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/js/fixto/fixto.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 23:33:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1793077
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sat, 30 Jan 2021 23:33:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6586
date: Fri, 21 Feb 2020 15:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 21 Feb 2020 17:48:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bleepingcomputer.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/ 221 KB
83 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84526
x-xss-protection: 0
server: cafe
etag: 16542440073614270090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/ Frame A597 0
0 6ms
5ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200219/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200219/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 20 Feb 2020 01:55:47 GMT
expires: Thu, 05 Mar 2020 01:55:47 GMT
content-type: text/html; charset=UTF-8
etag: 3560819023258359450
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4495
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 142949
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 Phishing3.jpg
www.bleepstatic.com/content/hl-images/2019/10/17/ 40 KB
40 KB 31ms
31ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/10/17/Phishing3.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1712e0c26e80483039d612778473f17a79d5a226fafc09d3d8bb129af4faee02

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 80661
cf-polished: qual=85, origFmt=jpeg, origSize=105260
status: 200
content-disposition: inline; filename="Phishing3.webp"
cf-bgj: imgq:85
content-length: 40536
last-modified: Thu, 17 Oct 2019 12:02:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e335c5dd92d-AMS
expires: Sat, 21 Mar 2020 19:13:54 GMT

GET
H2 200 292x176_Windows_10.png
www.bleepstatic.com/content/hl-images/2019/03/13/thumb/ 50 KB
51 KB 25ms
24ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/hl-images/2019/03/13/thumb/292x176_Windows_10.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66aff1522e84087d9e91ec11610257a785bf9cc413dcaee2a2048bfcc2f27732

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 90430
cf-polished: origFmt=png, origSize=73566
status: 200
content-disposition: inline; filename="292x176_Windows_10.webp"
cf-bgj: imgq:85
content-length: 51646
last-modified: Wed, 13 Mar 2019 23:31:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e335c60d92d-AMS
expires: Sat, 21 Mar 2020 16:31:05 GMT

GET
H2 200 292x176_0_Tesla.jpg
www.bleepstatic.com/content/posts/2020/02/19/thumb/ 6 KB
6 KB 22ms
22ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/content/posts/2020/02/19/thumb/292x176_0_Tesla.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 541588a3b6acb1f7c637ee958762788106f7fc4cec988bc3ec348602d0d79c83

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 41460
cf-polished: qual=85, origFmt=jpeg, origSize=7133
status: 200
content-disposition: inline; filename="292x176_0_Tesla.webp"
cf-bgj: imgq:85
content-length: 6024
last-modified: Wed, 19 Feb 2020 23:30:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e335c61d92d-AMS
expires: Sun, 22 Mar 2020 06:07:16 GMT

GET
H2 200 jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 4 KB
1 KB 28ms
28ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 4944
cf-polished: origSize=4895
status: 200
cf-bgj: minify
last-modified: Wed, 14 Oct 2015 20:25:51 GMT
server: cloudflare
etag: W/"9108074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e335c67d92d-AMS
expires: Fri, 01 Nov 2019 06:12:37 GMT

GET
H2 200 font-awesome.css
www.bleepstatic.com/css/redesign/ 22 KB
5 KB 28ms
27ms Stylesheet
text/css 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/css/redesign/font-awesome.css
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 147
cf-polished: origSize=26776
status: 200
cf-bgj: minify
last-modified: Tue, 03 May 2016 04:39:29 GMT
server: cloudflare
etag: W/"1700274315"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 568a7e335c68d92d-AMS
expires: Wed, 03 Jul 2019 05:12:31 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v29/ Frame 3065 0
0 23ms
8ms Document
text/html 2600:9000:2057:b800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v29/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v29/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Wed, 05 Feb 2020 23:13:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 21 Feb 2020 17:32:46 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 70YZ-PLdOszU4jrhfju7bqAt0fr4rhSTEKyYRPrsb_5dAwB3xFPUjg==
age: 1067

GET
H2 200 g Show response
ck.connatix.com/ 46 B
103 B 27ms
20ms Script
text/plain 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.connatix.com/g?callback=cnxJSONP_1bb790617580caa6a7af1582306696231
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 8d6d7d3c56565498244aeee3d4c6baf4a1ff81c67bf4d8c25f816fde581f94b4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish
server: Varnish
age: 0
x-cache: HIT
status: 200
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-cache-hits: 0
accept-ranges: bytes
x-timer: S1582306696.248932,VS0,VE0
content-length: 46
retry-after: 0
x-served-by: cache-hhn4062-HHN

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
14ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1031337554&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ul=en-us&de=UTF-8&dt=Targeted%20Phishing%20Attack%20Aims%20For%20Well-Known%20Corporate%20Brands&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1970783466&gjid=1981166971&cid=666705958.1582306696&tid=UA-91740-1&_gid=865012501.1582306696&_r=1&gtm=2ou2c0&z=135155745

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 25ms
25ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:38:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Nov 2019 20:13:52 GMT
Server: AmazonS3
x-amz-request-id: FBAF69B7861DE212
ETag: "f14b4e1f799b14f798a195f43cf58376"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=33226
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 948
x-amz-id-2: mINJDBnKUfP83RzDJ6hQaYSGPvMPOM770jd+gXVSD8LFScfPdVPaVzI4W2IwmrtEKhDna93Nv9A=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/ 2 KB
855 B 220ms
215ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-561517d2c7f964d6/_ate.track.config_resp
Requested by: Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
etag: -1659864586--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 678

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v29/ 230 KB
61 KB 12ms
11ms Script
text/javascript 2600:9000:2057:b800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v29/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:b800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48318a5693f53e553b5cf31728f63b87894dee6eb24e296e074a79101989362

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:30:45 GMT
content-encoding: gzip
last-modified: Wed, 05 Feb 2020 20:12:51 GMT
server: AmazonS3
age: 528
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: zct8PsGhinbsuBMZdKZPI-DOrFLCmsyItRUrNBnu7-TTT4qw2Yh_4g==
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)

GET
H2 200 fontawesome-webfont.woff
www.bleepstatic.com/fonts/ 64 KB
64 KB 70ms
31ms Font
application/octet-stream 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bleepstatic.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://www.bleepstatic.com/css/redesign/font-awesome.css
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Apr 2015 09:36:00 GMT
server: cloudflare
age: 206
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
accept-ranges: bytes
cf-ray: 568a7e342bb9733b-AMS
access-control-allow-origin: *
content-length: 65452

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 45E6 0
0 71ms
70ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1582050353&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582306696187&bpp=4&bdt=284&fdt=135&idt=135&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3677340578298&frm=20&pv=2&ga_vid=666705958.1582306696&ga_sid=1582306696&ga_hid=1031337554&ga_fc=0&iag=0&icsg=2199025885184&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065304%2C21065305&oid=3&pvsid=3228714976394348&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1582050353&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1582306696187&bpp=4&bdt=284&fdt=135&idt=135&shv=r20200219&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3677340578298&frm=20&pv=2&ga_vid=666705958.1582306696&ga_sid=1582306696&ga_hid=1031337554&ga_fc=0&iag=0&icsg=2199025885184&dssz=44&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065304%2C21065305&oid=3&pvsid=3228714976394348&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 21 Feb 2020 17:38:16 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 17:53:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 21 Feb 2020 17:38:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200219/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H2 200 pls Show response
core.connatix.com/ Frame 2BB6 7 KB
3 KB 336ms
116ms Script
text/plain 50.16.134.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://core.connatix.com/pls?callback=jQuery32102854291291746778_1582306696229&token=83c6e833-8c07-474c-b10f-079d46320a80&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c_v=1899_1_0_0_0&page_guid=bf16e54c0ec96611144b1582306696339&spp=1&_=1582306696230
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.134.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-134-22.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 1afb078b0ae5d01405463d22c55e32d1469cec5eaf2ffc52ec8fe527b4906a95

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
server: nginx/1.15.9 (Ubuntu)
access-control-allow-origin: *

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 93 KB
17 KB 21ms
7ms XHR
application/json 2600:9000:2057:f400:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:f400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4370188e3b8f3641ad43ef72bfa9e8bc5e519da306984c328fc1885d621c470

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 16:16:31 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 91306
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 20 Feb 2020 16:00:54 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: L0crZbDtq.lFwCMFonQA4ZA5hP.DwxFe
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b845.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: L3lgD29Jwg4qe86wH4t8aiMgCnpLR7p4O8WtzY7CsfX7fG_IywS7qg==

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
596 B 3218ms
138ms XHR
application/json 143.204.202.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-95.fra53.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:19 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 20052506-573d-44a2-a3e3-30768a858204
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: IQhN0GZ7oAMF9Zw=
content-length: 50
access-control-allow-origin: https://www.bleepingcomputer.com
x-amzn-trace-id: Root=1-5e50158b-5cfa5aeaf9d4a2020b7acf2e;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: zHXmKHsH9XaQ2whbBh7hZLtOWDgmZakF3ovJ2dQDwiNxT6VAd-Ko4w==

GET
H/1.1 200
OK cookie Show response
d.pub.network/ 36 B
472 B 474ms
115ms XHR
text/plain 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/cookie
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 4281986b6a197a976186b989271d56c212506e18f5a480055c599a107eda570c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:16 GMT
Access-Control-Allow-Credentials: true
Content-Length: 36
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain;charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba465c06c5d97a14eb025f350f3e13a660571debe2831841097479465dc3a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "434 / 532 of 1000 / last-modified: 1582237388"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14536
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H/1.1 200
OK gallery.js Show response
freestar-io.videoplayerhub.com/ 94 KB
25 KB 86ms
20ms Script
application/javascript 13.35.253.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-io.videoplayerhub.com/gallery.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-24.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf967132b3fa51348203d93b4a33b3d9ab76ab896cd8622afeb1cd433cfb3f20

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: gnEy7cHp43SrKSuFmecGZMtzYYhBUqcF
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 19:47:29 GMT
Server: AmazonS3
Age: 25
Date: Fri, 21 Feb 2020 17:37:55 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
X-Amz-Cf-Id: FdGmlQJqkKClsT3ovzPkausbI5aF0VCWsg0_z_SuaIqyfhi1Yu4qgw==

GET
H2 200 prebid-analytics-3.6.0.js Show response
a.pub.network/core/ 338 KB
103 KB 150ms
150ms Script
text/html 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a910d1809939ab14b9d05a15c1bc8736f2997bc39b37d576264dfa3b70c9b45

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: br
cf-cache-status: BYPASS
status: 200
x-guploader-uploadid: AEnB2UqteDycn66mh2FYJlAiFbSDsrsIHYZ7qfVw92VzoSqo6ufqqWm3mNxdtKrsnaxJPSkKjQYP7oNVsdNHFieLtcl_8v486Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Mon, 10 Feb 2020 17:48:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=NtYd2Q==, md5=QRGG5MzqUJfSkUH1MbEZLw==
content-type: text/html
x-goog-generation: 1581356889589820
cache-control: private
x-goog-stored-content-length: 346359
cf-ray: 568a7e354c92c2a4-FRA
expires: Sat, 20 Feb 2021 17:38:16 GMT

GET
H/1.1 200
OK location Show response
d.pub.network/ 51 B
498 B 1512ms
118ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/location
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: 6358c6ea8da1fcf2fc88c991a803c1a5f63b13247d7c546f1e3365ce17ec484d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:17 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 29ms
28ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 21 Feb 2020 17:38:16 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 pubads_impl_2020021802.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 32ms
31ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

06c08e3ba81a0a899a551a554791954c7b40ff431de2c6a206e166617578903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 20:41:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62262
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:16 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 87 KB
25 KB 77ms
35ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 02:32:10 GMT
content-encoding: gzip
server: Server
age: 54369
etag: 1dcfbf3986ee8b9c3abbc67eb808ab43
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: dcSzPMhiFJF-Vri51KyQmijIajMkjAEuPOaVR_6UACq_usY-ajtiPQ==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/ 163 KB
36 KB 63ms
20ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4752c7c08ff8dc4f8189305362acfb7c67fa71d9cd5895910cde310632c250d4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:38:16 GMT
Content-Encoding: gzip
Age: 156
X-Cache: HIT
Connection: keep-alive
Content-Length: 35802
x-amz-id-2: RMOy0pg353KOIJt0Cd5WdAkAxSY8BYPLVDdbn2vnnoxKnoBQa0FRxgNEe+PclyE0hSsNyb5Nkvo=
X-Served-By: cache-hhn4082-HHN
Last-Modified: Fri, 21 Feb 2020 17:19:43 GMT
Server: AmazonS3
X-Timer: S1582306697.654367,VS0,VE0
ETag: "8dfed5227e77ef4ed2c9e7fc396b258a"
x-amz-request-id: CB08F94AA9D825B4
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 11

GET
H/1.1 200
OK v2 Show response
d.pub.network/floors/ 1 KB
2 KB 468ms
116ms XHR
application/json 35.188.71.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/floors/v2?key=535desktop
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.188.71.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.71.188.35.bc.googleusercontent.com
Software: /
Resource Hash: a8c5be46c8a4a075dbb81757ada7779edca96a639f375a06f09719155324836d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:17 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Transfer-Encoding: chunked
Content-Type: application/json

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 66ms
22ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 07:49:01 GMT
content-encoding: gzip
vary: Origin
age: 35356
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 08 Jan 2020 04:09:03 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xOt2k8K2HO1J1dVgjqN8YQkeQ0dkmNBpEcpYuKpoAfpg4wX9kPcXZQ==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202002111741/ 94 KB
32 KB 21ms
20ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cc925a803eea0cf13c9dbc56a885d897a93429a7982412fd0bac3653e36936d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:38:16 GMT
Content-Encoding: gzip
Age: 393
X-Cache: HIT
Connection: keep-alive
Content-Length: 32593
x-amz-id-2: fk17vI3G+bl9jendp357Qd+Jp4QCnTaPHmc7smsQE3UWHRkg7CE5IeNZ/cBAw2GamnjTTMTQg6k=
X-Served-By: cache-hhn4082-HHN
Last-Modified: Thu, 13 Feb 2020 21:03:49 GMT
Server: AmazonS3
X-Timer: S1582306697.704967,VS0,VE0
ETag: "cac43688d7889ff31926c5bf63262683"
x-amz-request-id: 552F12698A03D2F9
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 270

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202002111741/ 37 KB
14 KB 48ms
20ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202002111741/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/d5CEaYYEzMwqV3dGpQ3IFjCM27s/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54a5f6b6e229bcae1a84f6c08614287d0770c96b7d2cfeffe9da6c6c90df2364

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:38:16 GMT
Content-Encoding: gzip
Age: 418
X-Cache: HIT
Connection: keep-alive
Content-Length: 13451
x-amz-id-2: DfNMQr58CcxGDUNJNSyuQpv41D2teSZefFkA7I7IhsocDLEp985rdhWuMa5+LmtaYM3yYBwnaMg=
X-Served-By: cache-hhn4082-HHN
Last-Modified: Thu, 13 Feb 2020 21:03:50 GMT
Server: AmazonS3
X-Timer: S1582306697.731929,VS0,VE0
ETag: "c719a162b103ae2c7d189335197ab2f8"
x-amz-request-id: BC333502F8299EE5
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1141

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 142 B
323 B 477ms
153ms Script
text/plain 52.54.227.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=469&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c_ivt=0&connatix_sess=hPNiO8CAQZ9cSAUJUVVtK8a7f4N0OBJwz2-JvhgYkD2hL-LQe91mQSZ4h03FOUvus5x7L9FntdbMKep4LbFo95l6K3Syea909c_kEe8S6_gWCyRUXmO86UN5LQW-eXTU3FFmpzhqJB-Mpq-uSzJau2Q66VRxpXF-rbIK4sZv7w01JwtdNPpRKOQ227RM9jbO&notServed=false&xplr=true&c_s=false&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=0&v=1&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&c_v=1899_1_0_0_0&spp=1&callback=cnxJSONP_ca09823367a02462e7fb1582306696738
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.227.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-227-62.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 6978bf2b663a5809f8dd22e6c4c72f1e597831a1a793187106a8c38919eb1eb8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:17 GMT
Content-Encoding: gzip
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 135

GET
H2 200 397.jpg
i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/ 18 KB
19 KB 42ms
22ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/af391ba1-47b0-4ff1-87cb-08a6df11845f/397.jpg?mode=stretch&connatiximg=true&scale=both&height=469&width=834
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb624eb182dd1aace32416024e0abb3f0ed91df37857e7f5dab317640e6fb783

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56561
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 2, 2
accept-ranges: bytes
x-timer: S1582306697.768815,VS0,VE0
access-control-allow-origin: *
content-length: 18858
x-served-by: cache-sjc10037-SJC, cache-hhn4062-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/3bc5a624-2712-4319-b3fc-e5e045ab4808/ 22 KB
22 KB 41ms
22ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/3bc5a624-2712-4319-b3fc-e5e045ab4808/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 610785c771b1f0bf52920fef087c1d0e64c0c2140114f13bd6da2542581d5b48

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56560
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 2, 3
accept-ranges: bytes
x-timer: S1582306697.768829,VS0,VE0
access-control-allow-origin: *
content-length: 22709
x-served-by: cache-sjc10021-SJC, cache-hhn4062-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/72846656-5d11-4149-ad63-9bb6238355a5/ 46 KB
46 KB 43ms
23ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/72846656-5d11-4149-ad63-9bb6238355a5/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e277e6b5dfa033f783e999b9b3a67fda4e863bb0315345d74d6ff60eba84d7c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56561
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1582306697.769152,VS0,VE0
access-control-allow-origin: *
content-length: 47430
x-served-by: cache-sjc10036-SJC, cache-hhn4062-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/2d485612-4cc4-4df3-9d4b-1bc15a3222f5/ 83 KB
84 KB 43ms
24ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/2d485612-4cc4-4df3-9d4b-1bc15a3222f5/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ecbef308fdb35a153dcff1b6bfdfcbdfb8ba333a597000c5e2b7e4662e45a7fb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56561
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 12, 439
accept-ranges: bytes
x-timer: S1582306697.769153,VS0,VE0
access-control-allow-origin: *
content-length: 85360
x-served-by: cache-sjc10026-SJC, cache-hhn4062-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/34d5fd1a-7ad8-435d-8a3c-b0fbc14b93fa/ 147 KB
147 KB 46ms
27ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/34d5fd1a-7ad8-435d-8a3c-b0fbc14b93fa/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a601d2d87e0c3c022b3a867b41316b808ec518621b21a2a72b26a1560db275e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56561
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 1
accept-ranges: bytes
x-timer: S1582306697.769158,VS0,VE1
access-control-allow-origin: *
content-length: 150451
x-served-by: cache-sjc10032-SJC, cache-hhn4062-HHN

GET
H2 200 1.jpg
i.connatix.com/s3/connatix-uploads/f9ba6974-ea4b-46e4-947e-0601dbc0c571/ 126 KB
126 KB 46ms
27ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-uploads/f9ba6974-ea4b-46e4-947e-0601dbc0c571/1.jpg?mode=crop&width=1001&height=563
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d6fa9bf6487fd619d0f2cdddbd707b911f84f013a0d0b52bf2919d207316f5fd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 56561
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 1
accept-ranges: bytes
x-timer: S1582306697.769110,VS0,VE1
access-control-allow-origin: *
content-length: 129242
x-served-by: cache-sjc10049-SJC, cache-hhn4062-HHN

GET
H2 200 bleeping-computerlogo-lg.png
www.bleepstatic.com/logos/ 7 KB
7 KB 33ms
32ms Image
image/webp 104.26.12.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bleepstatic.com/logos/bleeping-computerlogo-lg.png
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
cf-cache-status: HIT
age: 663112
cf-polished: origFmt=png, origSize=15281
status: 200
content-disposition: inline; filename="bleeping-computerlogo-lg.webp"
cf-bgj: imgq:85
content-length: 7156
last-modified: Wed, 07 Jan 2015 22:52:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 568a7e36ae18d92d-AMS
expires: Sun, 15 Mar 2020 01:26:24 GMT

GET
H2 200 0_th_1.jpg
i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/ Frame 2BB6 23 KB
23 KB 22ms
22ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.connatix.com/s3/connatix-videos/af391ba1-47b0-4ff1-87cb-08a6df11845f/0_th_1.jpg
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 varnish, 1.1 varnish
age: 15356916
x-cache: HIT, HIT
content-type: image/jpeg
status: 200
cache-control: max-age=31557600
x-cache-hits: 1, 2
accept-ranges: bytes
x-timer: S1582306697.791665,VS0,VE0
access-control-allow-origin: *
content-length: 23507
x-served-by: cache-sjc3139-SJC, cache-hhn4062-HHN

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 76ms
76ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&pid=Y5tPthFbuwVUE&cb=0&ws=1600x1200&v=7.47.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_BTF%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_320x50_InContent_1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_3%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-error%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:16 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wwjiKaCUJzg2-brYyFFen3Myf-dQP3om1Jar71qxNXxIcteB6sCinw==

POST cookie_sync
prebid.pub.network/ 0
0

POST auction
prebid.pub.network/openrtb2/ 0
0

GET v1
btlr.sharethrough.com/WYu2BXv1/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 1160ms
114ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 21 Feb 2020 17:38:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.bleepingcomputer.com

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 518 B
709 B 43ms
15ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: c051c24eb2950d58f2878487153695bc7c04957221482e3ea885cca0babc3590

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:16 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 518
expires: 0

GET arj
freestar-d.openx.net/w/1.0/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 730 B
1 KB 67ms
30ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

61958bb842839bd577f7e68d33088778fd44db4ccedd0031554cb7f61aff8f7d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:18 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bbd1ed05-e332-4141-930c-22882964ac85
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 729 B
1 KB 106ms
39ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d6726d91652b924807414195306930adeeccbafe41b4fc4e11511a0045072e86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:18 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3b954f1d-daba-4839-a663-00b8c7ff5f38
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET cygnus
as-sec.casalemedia.com/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=134527c7ba1d8e01;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=135a0227f0ba3741;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1367f42931a39dd6;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=137adbe6ae5bdd2b;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1388befb0b226403;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=13992b22169c7d06;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1408115453091b0c;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=141ebe89ff09fe4b;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=142ca17f741d4318;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=143aa6f33172096d;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=144a4eb918926cb9;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1451059043dbb439;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=1463eeb9114b2bdf;misc=1582306696810;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ 0
0

POST v1
dmx.districtm.io/b/ 0
0

GET
H2 403 tag Show response
slckg-phfiv.ads.tremorhub.com/ad/ Frame 2BB6 949 B
1 KB 288ms
88ms XHR
text/html 2600:1f18:612b:4264:cb60:d229:2b7e:6919
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://slckg-phfiv.ads.tremorhub.com/ad/tag?adCode=slckg-bwjaw&playerWidth=834&playerHeight=469&playerPosition=1&mediaTitle=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaDesc=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaId=639404&mediaUrl=&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&contentLength=30&gdpr=1&gdpr_consent=&schain=1.0,1!connatix.com,102734,1,,,,
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cb60:d229:2b7e:6919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:17 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
status: 403
content-language: en
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
x-tremorvideo-status: REJECTED_BY_SEAT_QPS_LIMIT
content-type: text/html;charset=utf-8
content-length: 949

GET
H/1.1 200
OK r
trk.connatix.com/ Frame 2BB6 0
162 B 6329ms
105ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/r?connatix_sess=hPNiO8CAQZ9cSAUJUVVtK8a7f4N0OBJwz2-JvhgYkD2hL-LQe91mQSZ4h03FOUvus5x7L9FntdbMKep4LbFo95l6K3Syea909c_kEe8S6_gWCyRUXmO86UN5LQW-eXTU3FFmpzhqJB-Mpq-uSzJau2Q66VRxpXF-rbIK4sZv7w01JwtdNPpRKOQ227RM9jbO&videoID=639404&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&c_v=1899_1_0_0_0&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:23 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 2BB6
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&n...

43 B
309 B

58ms
26ms

Image
image/gif

104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1582306696831&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=30000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1582306696831&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0
Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 142 B
324 B 532ms
148ms Script
text/plain 52.54.227.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c_ivt=0&connatix_sess=hPNiO8CAQZ9cSAUJUVVtK8a7f4N0OBJwz2-JvhgYkD2hL-LQe91mQSZ4h03FOUvus5x7L9FntdbMKep4LbFo95l6K3Syea909c_kEe8S6_gWCyRUXmO86UN5LQW-eXTU3FFmpzhqJB-Mpq-uSzJau2Q66VRxpXF-rbIK4sZv7w01JwtdNPpRKOQ227RM9jbO&notServed=false&xplr=true&c_s=false&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=1&v=2&c_pt=1&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&c_v=1899_1_0_0_0&spp=1&callback=cnxJSONP_47d034f1be42452907c01582306696833
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.227.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-227-62.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: de807e9f5de9efdfcb8596c0807ecd9034413a144c263030d66d11090567868a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:17 GMT
Content-Encoding: gzip
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 136

GET
H2 200 beacon.js Show response
ad-delivery.net/ 1 KB
987 B 528ms
23ms Script
application/x-javascript 13.35.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/beacon.js
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-87.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 31 Jan 2017 15:06:54 GMT
server: AmazonS3
age: 896
date: Fri, 21 Feb 2020 17:23:29 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: AxgiMRwnKVrIDIjiLNjLRynpjky-d5Dx9wh6lvoa_lEEUkFtNZMT5A==
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)

GET
H2 200 tag Show response
slckg-phfiv.ads.tremorhub.com/ad/ Frame 2BB6 119 B
462 B 178ms
177ms XHR
text/xml 2600:1f18:612b:4264:cb60:d229:2b7e:6919
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://slckg-phfiv.ads.tremorhub.com/ad/tag?adCode=slckg-nac38&playerWidth=834&playerHeight=470&playerPosition=1&mediaTitle=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaDesc=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaId=639404&mediaUrl=&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&contentLength=30&gdpr=1&gdpr_consent=&schain=1.0,1!connatix.com,102734,1,,,,
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cb60:d229:2b7e:6919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:17 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
status: 200
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H/1.1 200
OK jquery.color-2.1.2.min.js Show response
cluster-na.cdnjquery.com/color/ 92 B
356 B 665ms
311ms Script
text/javascript 34.225.196.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cluster-na.cdnjquery.com/color/jquery.color-2.1.2.min.js?integrity=btjsonpcallback1582306697302&checksum=%7B%22cbc%22%3A0%2C%22st%22%3A2%2C%22au%22%3A%5B%5D%2C%22hau%22%3A%5B%5D%2C%22ref%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F%22%2C%22aa%22%3A3%2C%22pgid%22%3A%22f15b6950-54d0-11ea-a86c-933e6932593e%22%2C%22v%22%3A1%2C%22format%22%3A%22jsonp%22%7D&o=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&csVersion=1.21.38&clearThroughOptions=undefined

Requested by

Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.196.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-225-196-22.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

0fe892cf75dbf4cd9f18730300e35c044a77cb671582ba1304b20e3a3cd5d859

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 17:38:17 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
ETag: W/"5c-QEZYxLd9wxGQ6wF88/0ZSZsalLY"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Charset: utf8
Connection: keep-alive
Content-Length: 84

GET
H2 200 px.gif
ad-delivery.net/ 43 B
384 B 69ms
22ms Image
image/gif 13.35.253.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.05805573671204112
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-87.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: null
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2017 18:59:05 GMT
server: AmazonS3
age: 71444
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Fri, 21 Feb 2020 11:59:58 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: cetVbpdPfXSUUVS_29VyB7-kk0XBLwf8nCWjK_GY04RoghkmiciKoQ==

GET
H2 403 tag Show response
slckg-phfiv.ads.tremorhub.com/ad/ Frame 2BB6 949 B
1 KB 88ms
87ms XHR
text/html 2600:1f18:612b:4264:cb60:d229:2b7e:6919
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://slckg-phfiv.ads.tremorhub.com/ad/tag?adCode=slckg-wc2tk&playerWidth=834&playerHeight=470&playerPosition=1&mediaTitle=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaDesc=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&mediaId=639404&mediaUrl=&srcPageUrl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&contentLength=30&gdpr=1&gdpr_consent=&schain=1.0,1!connatix.com,102734,1,,,,
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:cb60:d229:2b7e:6919 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:17 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
status: 403
content-language: en
access-control-allow-origin: https://www.bleepingcomputer.com
access-control-allow-credentials: true
x-tremorvideo-status: REJECTED_BY_SEAT_QPS_LIMIT
content-type: text/html;charset=utf-8
content-length: 949

GET
H2 200 48.008759e9efe1c1b693dd.js Show response
s7.addthis.com/static/ 281 B
486 B 37ms
36ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/48.008759e9efe1c1b693dd.js

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-119"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Fri, 21 Feb 2020 17:38:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 246

GET
H2 200 / Show response
graph.facebook.com/ 311 B
688 B 61ms
50ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_cyse0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bd9996bbb85892eeb2699fb476067382aee1649f3f49f5d8f612432535e662f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 21 Feb 2020 17:38:17 GMT, Fri, 21 Feb 2020 17:38:17 GMT
x-fb-rev: 1001742341
alt-svc: h3-24=":443"; ma=3600
content-length: 214
pragma: no-cache
x-fb-debug: SXyk7uDxBFbQZLa6+Ytlb7O232GwcEZybaWufrq9NMP89+P7UUb5C42wClAfQTNUrILhMgeFTrIAFxT6hxSIRg==
x-fb-trace-id: CG9ZiIhnFx7
etag: "6d50a065c499c6f285b56fe3ffc64fe07e89e66f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AoA5XKMvakBjbz0xDlILeRJ
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
669 B 3237ms
156ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&jsonp=_ate.cbs.rcb_7rgj0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

d6aadd6b412d2183cc35497075550f4e16c51fbf798e16812f622fe2bde27eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:20 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-fra19148-FRA
x-moose: majestic
server: snooserv
x-timer: S1582306700.450284,VS0,VE118
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H2 200 / Show response
graph.facebook.com/ 149 B
335 B 38ms
38ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_cri60

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f7be384b0b2f860067e816b30acb596f981c47327787ab9aee287a92e6d80d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 21 Feb 2020 17:38:17 GMT, Fri, 21 Feb 2020 17:38:17 GMT
x-fb-rev: 1001742341
alt-svc: h3-24=":443"; ma=3600
content-length: 149
pragma: no-cache
x-fb-debug: zASZKX4ST71/Uz8ftcTyZHG4qCBRlOjV3l376GtuLrnU9Unlpu4Ng2fNVUsPftc5ZokO9uxe4dVuglKKuu+I8Q==
x-fb-trace-id: GVeMfI5rhDx
etag: "a696d6a76aa591fbf9efbc8d35b8bc11dc3acab6"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AeQHfMt5CZVJKxmDkSDaaXR
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 126 B
259 B 3218ms
160ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=http%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&jsonp=_ate.cbs.rcb_c6rf0

Requested by

Host: s9.addthis.com
URL: https://s9.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

1491f9d163d870233275833fa3e50f003405161f121a165707b907c289fe1a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:20 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 126
x-xss-protection: 1; mode=block
x-served-by: cache-fra19148-FRA
x-moose: majestic
server: snooserv
x-timer: S1582306700.450275,VS0,VE123
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 156ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa1c32964a1315d6f61dbcc34210b0b5e8c96479daac6af29cfb2a6a5dd05e3a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:17 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BFC9 421 KB
94 KB 1164ms
48ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:18 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306698.dop006.wa1.t,1582306698.cds006.wa1.hn,1582306698.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974448
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 96 KB
35 KB 550ms
550ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3228714976394348&correlator=1047329963312675&output=ldjh&impl=fifs&adsid=NT&eid=21064523%2C21065304%2C21065305&vrg=2020021802&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200221&iu_parts=15184186%2Cbleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_1x1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C1x1%2C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&cookie_enabled=1&bc=31&abxe=1&lmt=1582050353&dt=1582306698022&dlt=1582306695904&idt=691&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C429%2C1075%2C1075%2C261%2C792%2C1075&adys=146%2C9066%2C327%2C1136%2C7635%2C9572%2C1661&adks=960084856%2C976516616%2C771041174%2C2389526111%2C4047242158%2C2635258439%2C523518761&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&dssz=59&icsg=140737658232832&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1170x120%7C1200x90%7C306x250%7C306x250%7C834x90%7C1585x9573%7C306x250&msz=1170x90%7C1170x90%7C306x250%7C306x250%7C834x90%7C1585x1%7C306x250&ga_vid=666705958.1582306696&ga_sid=1582306696&ga_hid=1031337554&fws=0%2C0%2C0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

3bfe05e54a95fffc77cbd75a8011da5f16a3c63f8e83113d5d369c57d76b137f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 17:38:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35360
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,4893662829,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,138254592126,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020021802.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 31ms
30ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

1a36f0a6f239c7826ac18991fae20560138d016bbd336c5e5156b9ef15ebf523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 20:41:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24891
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:18 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 2BB6
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&ns...
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&n...

43 B
309 B

48ms
27ms

Image
image/gif

104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=1236&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=1236&ns_st_dpt=1236&ns_st_ipt=1236&ns_st_et=1236&ns_st_det=1236&ns_st_upc=1236&ns_st_dupc=1236&ns_st_iupc=1236&ns_st_upa=1236&ns_st_dupa=1236&ns_st_iupa=1236&ns_st_lpc=1236&ns_st_dlpc=1236&ns_st_lpa=1236&ns_st_dlpa=1236&ns_st_pa=1236&ns_ts=1582306698067&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1582306696830&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=1236&ns_st_cl=30000&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_639404&ns_st_pt=1236&ns_st_dpt=1236&ns_st_ipt=1236&ns_st_et=1236&ns_st_det=1236&ns_st_upc=1236&ns_st_dupc=1236&ns_st_iupc=1236&ns_st_upa=1236&ns_st_dupa=1236&ns_st_iupa=1236&ns_st_lpc=1236&ns_st_dlpc=1236&ns_st_lpa=1236&ns_st_dlpa=1236&ns_st_pa=1236&ns_ts=1582306698067&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=1&ns_st_dpc=1&ns_st_pp=1&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=BleepingComputer%20Highlights%20Feed%20-%20Daily%20Highlights&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c8=&c9=&cs_ucfr=0
Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7A28 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 904C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 71E3 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 39B7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2AE3 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B157 0
0 34ms
34ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVVyC9Oyy-qwi5-9yH_XI1pb_6clFbf0Qzv2rZfd3t-Uak6ot_s7xcBTWTMx5hzbhm0ZXjLRb_LwPaEy8pY32QaC8AhiorC69YTsuKERgRvf8woUwQTdEIzgbDdG6eN5FJlg91F-Nlh3jjghz3lZXfsnzu_NdxiZrsZ_SUx2mx9hAp5-VWDK-7UapD40rpsU09br__FhrPAjCxQGsPLWSx25cwfoU45CJGtgu-d6ONIKZr1TXM6skz-eMXfhxI0avCAmGw_zW_yfZhzxLevCHWtshW-iKWyfFo&sig=Cg0ArKJSzD1uJi08gwWSEAE&urlfix=1&adurl=

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 21 Feb 2020 17:38:18 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:18 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B157 71 KB
27 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Fri, 21 Feb 2020 17:38:18 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4754 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202002111741/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Fri, 21 Feb 2020 16:50:37 GMT
expires: Sat, 20 Feb 2021 16:50:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2861
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BFC9 29 KB
8 KB 73ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668012
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BFC9 160 B
864 B 28ms
28ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d3754af01f753467f9e757b771901b55301bdf53e3a5489ba9a8a3e7f1782c73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:20 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 13595060-5d0d-416c-b5ec-2e38fc041271
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BFC9 150 B
340 B 17ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 0c43dea597eda2cfe1b97b35cae36726fe35e744a79084ad9520b342e0e0f85b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:18 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET trinity.json
apex.go.sonobi.com/ Frame BFC9 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BFC9 166 B
1 KB 82ms
79ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9b18c2c7604a4b0cb73d1b40e9d39f3a2aaa6d9ec047c479878635cd2f0340f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:20 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.238:80
AN-X-Request-Uuid: c4ddde6c-f6d5-4873-9e50-460b05e05f83
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 485ms
119ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:19 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
456 B 70ms
23ms Image
image/x-icon 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 06:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39586
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 22 Feb 2020 06:38:33 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BFC9 20 B
320 B 1205ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=ec8ede0b-16b0-4353-af57-fc86a3efef28-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 1070ms
22ms XHR
text/html 143.204.202.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1582306699850;BleepingComputer.com;https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F;;;;;p,off,false,,1,en,29,190,true,false,false;displayConsentUi:mandatory,;GDPR-ni11m184hfos7cdvyjx2
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v29/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-117.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 03:07:09 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
vary: Origin
age: 52272
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: E_380yuhCR_E8NNn1T7h4Z-SFiu6TphGnJOUeeD96lmyfiNUSgIGQA==

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BFC9 0
217 B 1188ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=ec8ede0b&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5416f2cee07a77980f33d1020a54d7cc30010d7f6ce1a1e26b1546c41b328ccd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:22 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 893

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame FC45 421 KB
94 KB 44ms
44ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:22 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306702.dop006.wa1.t,1582306702.cds006.wa1.hn,1582306702.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974444
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame FC45 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668016
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FC45 160 B
864 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f8be1c771ef58a9275da7f0564e035199980ec29df8af2b52206e4db29007122

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:24 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: ed029d6e-379f-477d-8d4a-fd31d357f0db
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame FC45 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 7ae3275f8bfdb6b2a4300b5b59f26cf3b15acefb57ca60690f5d235c384638b1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:22 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET trinity.json
apex.go.sonobi.com/ Frame FC45 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FC45 166 B
1 KB 98ms
80ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5c1520b103ac61b4d6d7e0d59156d2c0e743bb237d0264a6891099c5ba38f41c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:24 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.85:80
AN-X-Request-Uuid: ee1fa2d4-bb1c-44fe-8f2a-bb99581fc138
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 524ms
105ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:4457,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=8d7581d221c2c11184b41582306702736&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:23 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame FC45 20 B
320 B 1196ms
109ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=73681b75-6da3-4daf-ad30-117c15f1abc4-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:24 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

sync
eb2.3lift.com/ Frame 97A3
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

21ms
21ms

Document
text/html

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=10721825679007963723
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
date: Fri, 21 Feb 2020 17:38:24 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQifbQxoYuCgoI4gEQifbQxoYuCgoI5gEQifbQxoYuCgkICRCJ9tDGhi4KCgipARCJ9tDGhi4KCQg5EIn20MaGLgoJCDoQifbQxoYuCgkICxCJ9tDGhi4KCgjOARCJ9tDGhi4KCQgfEIn20MaGLg==; Max-Age=7776000; Expires=Thu, 21 May 2020 17:38:24 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=10721825679007963723; Max-Age=7776000; Expires=Thu, 21 May 2020 17:38:24 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Fri, 21 Feb 2020 17:38:24 GMT
content-length: 0
set-cookie: tluid=10721825679007963723; Max-Age=7776000; Expires=Thu, 21 May 2020 17:38:24 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 71B0 0
0 3116ms
38ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=32013
Expires: Sat, 22 Feb 2020 02:32:00 GMT
Date: Fri, 21 Feb 2020 17:38:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 87B2 0
0 3104ms
27ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI8sBeEAoYASABKAEwkKvA8gU4AUABSAEQkKvA8gUYAA..; uuid2=370094305202699514
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Sat, 20 Feb 2021 17:38:27 GMT
Date: Fri, 21 Feb 2020 17:38:27 GMT
Connection: keep-alive

GET
H2 200 index.html
cdn.districtm.io/ids/ Frame 896C 0
0 202ms
161ms Document
text/html 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.districtm.io/ids/index.html

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: cdn.districtm.io
:scheme: https
:path: /ids/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
date: Fri, 21 Feb 2020 17:38:24 GMT
content-type: text/html
set-cookie: __cfduid=d1ad7ed672f040d90e978a21dca1e02671582306704; expires=Sun, 22-Mar-20 17:38:24 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
cf-ray: 568a7e64cea89bdf-AMS
cache-control: s-maxage=1209600, max-age=14400
last-modified: Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
content-encoding: br

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame A482 0
0 4773ms
70ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 12 Feb 2020 18:47:41 GMT
Content-Encoding: gzip
Content-Length: 7693
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=48210
Expires: Sat, 22 Feb 2020 07:01:58 GMT
Date: Fri, 21 Feb 2020 17:38:28 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
u.openx.net/w/1.0/ Frame 262A
Redirect Chain

https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=

0
0

38ms
38ms

Document
text/html

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7673a071-70bb-4c73-a8db-0f4f7586131c|1582306711
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=7673a071-70bb-4c73-a8db-0f4f7586131c|1582306711; Version=1; Expires=Sat, 20-Feb-2021 17:38:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582306711|mOgikimWiygu; Version=1; Expires=Sat, 07-Mar-2020 17:38:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 21 Feb 2020 17:38:31 GMT
content-type: text/html
content-length: 374
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=7673a071-70bb-4c73-a8db-0f4f7586131c|1582306711; Version=1; Expires=Sat, 20-Feb-2021 17:38:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1&gdpr=0&gdpr_consent=
date: Fri, 21 Feb 2020 17:38:31 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame FC45 0
217 B 1142ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=73681b75&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 119ms
42ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7706de76b9b44c34413fe506fcdcd8750ecc68e1c9784ab169b73661fe8d2d90

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:25 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame DF42 421 KB
94 KB 44ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:25 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306705.dop006.wa1.t,1582306705.cds006.wa1.hn,1582306705.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974441
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame DF42 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668019
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DF42 160 B
1017 B 345ms
29ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a85550f23eef6fceec698f0ffc36ecc907b9d2596ae408449644071ff98f45ad

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:27 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: f6962c1a-0532-4d39-bf72-758587967e17
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame DF42 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: c48202f6f4b2b0ccaa71f714c68ba0541d126b09795bf9acef3b87b9babd9390

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:25 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET trinity.json
apex.go.sonobi.com/ Frame DF42 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DF42 160 B
1017 B 363ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

59114ae819f73a763f282533482de704e6035f9eb42d6622006f7979917ad280

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:28 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.85:80
AN-X-Request-Uuid: 887482e4-be98-4d9f-8a03-5134dc5c264b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 316ms
105ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:3286,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=9058a8aa77d219d4305e1582306705736&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:25 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame DF42 20 B
320 B 152ms
76ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1614095e-4016-4f78-ae9b-8a936fc73379-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 107 B
302 B 363ms
133ms Script
text/plain 52.54.227.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c_ivt=0&connatix_sess=hPNiO8CAQZ9cSAUJUVVtK8a7f4N0OBJwz2-JvhgYkD2hL-LQe91mQSZ4h03FOUvus5x7L9FntdbMKep4LbFo95l6K3Syea909c_kEe8S6_gWCyRUXmO86UN5LQW-eXTU3FFmpzhqJB-Mpq-uSzJau2Q66VRxpXF-rbIK4sZv7w01JwtdNPpRKOQ227RM9jbO&notServed=false&xplr=true&c_s=false&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=2&v=1&c_pt=1&c_f=[{id:14547,r:4,i:0,f:2.08}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&c_v=1899_1_0_0_0&spp=1&callback=cnxJSONP_413fb9a408e75862c20f1582306706819
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.227.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-227-62.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 4eb3a58aec789d8c0f7fa649698925e05b4d96b07ff494a63de4c0b0c0f01f93

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:27 GMT
Content-Encoding: gzip
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 114

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame DF42 0
217 B 1118ms
37ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1614095e&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 110ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 79ff6a26f7cfe8f359618e554eb624503ddd9f82cef777b7f28a77859ec0c2fc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:27 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3D6F 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:27 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306707.dop006.wa1.t,1582306707.cds006.wa1.hn,1582306707.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974439
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3D6F 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668022
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D6F 160 B
863 B 61ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f56c07bd75b0bec96555e655043342a2862c79961358533a3c7b59bd23288b49

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:30 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid: 092c4d70-c6d6-487f-8516-3e6c2d2aae84
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3D6F 150 B
340 B 14ms
14ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 2ce557bfe9ae0ab6039d8475521b6cd49826181ec380e981ed46acab499111e1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:28 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3D6F 44 B
667 B 120ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2290410378%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=90410378-a134-4d0e-95e0-d41f3dd66323&pv=90410378-a134-4d0e-95e0-d41f3dd66323&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ceafd5ec42d22f6d58ce6f3fcb9a9414b753c5eaf940631f1d6e8e8fe5c5b220

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:28 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D6F 159 B
863 B 83ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f833b4ea1969c7e3ad63c919894c6f0a4ceedaa4cdb6a8616d2f906831d7f75a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:30 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
AN-X-Request-Uuid: 5e5df7ef-f361-4922-abef-b002e4e291dd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3D6F 20 B
320 B 149ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=90410378-a134-4d0e-95e0-d41f3dd66323-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST i
vid-io.springserve.com/vd/ Frame 3D6F 0
0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 395ms
108ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:2300,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=1c3e3cb1772d1b39a93d1582306708774&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:29 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 394ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3b343a94a1668adc6d85e7693b9fc9bc1ea01dc5d5345fa3218b07d7a5210391

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:29 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 913

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 9796 421 KB
94 KB 124ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:29 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306709.dop010.wa1.t,1582306709.cds010.wa1.hc,1582306709.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974437
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 9796 29 KB
8 KB 48ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668024
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9796 160 B
864 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8b07014144b47fe3041d1900c1660e25c83c485a586206d4a7aabfc7ac0d8782

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 8d5a8e0b-6baf-4d45-8e0e-7268e9d39716
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 9796 150 B
341 B 38ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: da9897288af905e1697a4d141bcc99c65268214b1097925e08b0c5215ab89f55

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:30 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 9796 44 B
667 B 76ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22a5c06822%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=a5c06822-45c4-4b15-a7f8-855dd8f4e75e&pv=a5c06822-45c4-4b15-a7f8-855dd8f4e75e&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

070a8f5e032b2ed02998921e9ff7786e3789ad80c5b47fb221771e886a2b4e8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9796 160 B
864 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

eee186181877559e303cac7a2b6fd048b24df69ab68278ec1dddf13c3e6e12f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 135bdfef-424c-446a-918d-984ed8d7a815
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 9796 20 B
320 B 145ms
72ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=a5c06822-45c4-4b15-a7f8-855dd8f4e75e-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 9796 0
217 B 115ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=a5c06822&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fcb056591fcd425e291aae17220d3ef296699cbe6bb69f417f2345f454b6dbce

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 914

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1F6B 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306710.dop010.wa1.t,1582306710.cds010.wa1.hc,1582306710.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974436
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1F6B 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668024
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1F6B 160 B
864 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

82c9003f38df5df49beef5694fece360557bb37b1a36b58e0ec9777dd1ce63e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: 9335b5f1-6130-4706-92a4-327166ca9d0d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1F6B 160 B
863 B 20ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

23458ab4400bdb14bf1c1ed42695f018b0f8a537be736937a477e624fdf5256f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: f38b9785-4e2f-434f-a170-fe09a8eaa229
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1F6B 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 6b1e5d87d088e7f39d375ee2390ab2081d40c43fca404b7859326a52122f1865

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:30 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1F6B 44 B
604 B 35ms
35ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f8ffd359%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f8ffd359-3a5d-4b25-9db2-180bdf02a233&pv=f8ffd359-3a5d-4b25-9db2-180bdf02a233&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d072b333e6271bd46a5c85b2aa8b1b163ae25a717ffc399f2c5b48916bc904e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1F6B 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f8ffd359-3a5d-4b25-9db2-180bdf02a233-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1F6B 0
217 B 41ms
40ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f8ffd359&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: db3cd5e69df8b1e12d18ff611f60204b16be2e6e11888497005da136e55e4944

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 888

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 183C 421 KB
94 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306710.dop010.wa1.t,1582306710.cds010.wa1.hc,1582306710.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974436
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 183C 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668024
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 183C 159 B
862 B 22ms
22ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9613d99baf8cd5c0aa3cd1a824331c2f159050337c57b4b354d2d3418d32fb71

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: 649d9b90-b254-4b60-8e93-a3c08f1334fe
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 183C 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: aec78106427133d45e31eac825c2517af770d3ec5530ebdad9940e8e88b8480b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:30 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 183C 44 B
604 B 40ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e9f98096%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e9f98096-4bd0-4b59-806e-c7da145e35a2&pv=e9f98096-4bd0-4b59-806e-c7da145e35a2&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3f4f894858b12ccef194aa94c8f592a8cca008185ac7612fd3a4c78d18656af1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 183C 159 B
863 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5117f17be4723f54eb3a94cb07730816cccc79624a2a08f11a9968b43b7f749e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.102:80
AN-X-Request-Uuid: f1b7a805-2228-4e42-bacb-46aa0ba09ee0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 183C 20 B
320 B 68ms
67ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=e9f98096-4bd0-4b59-806e-c7da145e35a2-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 183C 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=e9f98096&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 92428941ebe99723a5511e43d09eee74cd0ff63d68a82d2910d14610603f81e4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:30 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8004 421 KB
94 KB 45ms
44ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306711.dop010.wa1.t,1582306711.cds010.wa1.hc,1582306711.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974435
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8004 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668025
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8004 160 B
863 B 35ms
35ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4118cccc3da0e570e04c5ef085395ed6e78bca5cf628a191bcb2c5aeef459ba9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: 795084a0-422a-4d3d-b3dd-cb8b39b68fdb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8004 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 2ec79ed74f55a1a8e3864ced3215c75822cc03a1c3599ef61694f38f8842c8ae

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:31 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8004 44 B
604 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221896298a%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1896298a-37a5-4c02-bd5b-ffd9fede6088&pv=1896298a-37a5-4c02-bd5b-ffd9fede6088&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

45f8091b16924167e343838c7fe5c372889e789a64b1b2e24d6b6b6809fe338a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8004 160 B
863 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e2ddb430852cd73fc452805803e561c9fa986e5afd5cd6bfd7b3de2a0fc30ab6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: 869b8c69-a298-40a4-8736-619388d143c3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8004 20 B
320 B 70ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1896298a-37a5-4c02-bd5b-ffd9fede6088-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8004 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1896298a&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3656dd4a2eb1e936fa216ffc8c7966068c3cde3495305b979608ef4845a7b1ff

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 924

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6DC0 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306711.dop010.wa1.t,1582306711.cds010.wa1.hc,1582306711.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974435
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6DC0 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668025
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6DC0 160 B
864 B 38ms
38ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9630d960006b25383f3830b895fa04ffbf170f1f6a8caee1f9665a311ecea5ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.171:80
AN-X-Request-Uuid: 299095a7-7a08-469d-9623-401bed93294c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6DC0 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: bf3539aa255ea8538105016528351c891ef554dabf512df8c5965435159a417c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:31 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6DC0 44 B
604 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%228780dc9c%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=8780dc9c-dfbc-45af-a527-f802deaede48&pv=8780dc9c-dfbc-45af-a527-f802deaede48&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ab12f5be0ef87ea47f0ee5b1d6a34ab46ffb01aca6f9ef4cc397afa5419d9908

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6DC0 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

12476ad8b15c7da2da293fd0f3e983f633c45e7e6396f4af0a548f52c1c9c5f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: 03ab3b92-436a-4786-b7a2-c9c9a322a39e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6DC0 20 B
320 B 68ms
67ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=8780dc9c-dfbc-45af-a527-f802deaede48-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6DC0 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=8780dc9c&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91f56da98ee9959497a4aeecdd0b16a2d12ec8a44ad535133e426028000d2a86

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 898

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 84D5 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306711.dop010.wa1.t,1582306711.cds010.wa1.hc,1582306711.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974435
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 84D5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668025
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 84D5 160 B
863 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7880306a50ea0ee4bacd648619702956c1d887ecc3aa7c1cf3cdcb49ac4fa7d2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: cc2575e4-6f80-411d-9f7b-80b230784ea0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 84D5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 69467d3f6c049914d898ff644873a6292edd5b8d5643a3595e723370f0f92d1d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:31 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 84D5 44 B
604 B 61ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22bae9b6f5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=bae9b6f5-5e39-4054-bcd0-29dbe580950c&pv=bae9b6f5-5e39-4054-bcd0-29dbe580950c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

430245404c03b816d4fd706d8903abffde2173cf34e6336a84592e52d8f84683

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 84D5 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

12db7168d9ebde8d6bbb26655815ccaf6b01c76b553fcd00b4fb7642004c69f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 435453a8-e96e-4430-b71c-fc019a248ec4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 84D5 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=bae9b6f5-5e39-4054-bcd0-29dbe580950c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 109ms
109ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:218,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:256,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:249,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:238,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:558,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=060881932faba1beaaf01582306711775&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:31 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 218ms
109ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:1375,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=c58c44c53ca139c9de3a1582306711775&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:31 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 84D5 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=bae9b6f5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8691570f53cd198041c31c21695b7b5122f1d0b8b3bf2edff7d1253a25ee1486

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:31 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 249E 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306711.dop010.wa1.t,1582306711.cds010.wa1.hc,1582306711.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974435
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 249E 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668025
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 249E 159 B
863 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3c5aaaff66d8ee21438e49c9529b1032dd2028a700dfea1df4b643356a00268a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.165:80
AN-X-Request-Uuid: da466b5c-e500-4d85-8f3a-d8ced6ba4e2b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 249E 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 46fbdf9f32c575ac886278d2103276c55e3e2e0ca13ae03fb152ed6e63683b15

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:31 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 249E 44 B
667 B 37ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220470c975%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0470c975-9779-44fd-8b6a-31a5e002ee85&pv=0470c975-9779-44fd-8b6a-31a5e002ee85&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bab886eea220ca75835c0fd196f4ab6ec6d43cb3933eb278b9d0f7bab80cafe9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 249E 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

945fc7ff0dafc2c5cfe5c8b253fefae6a3f4265e3a37eab7c7a05497a540420c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 0eef2b9e-cb45-456a-ba31-8144d4fcc8d0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 473ms
116ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:32 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 249E 20 B
320 B 64ms
64ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0470c975-9779-44fd-8b6a-31a5e002ee85-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 249E 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0470c975&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 59bae69eba5261f1ce89af49ae31335b17964e93a939c03830d7b7b53d8ca288

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 911

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame A92A 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306712.dop010.wa1.t,1582306712.cds010.wa1.hc,1582306712.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974434
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame A92A 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668026
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A92A 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5fc86c00269641db9472985e5b72106879354e11d0639cddd733b0798255ddc0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: dc827e7a-9572-4950-8417-fb597267ab69
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A92A 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: b34a48d259e5765f85ba696caab5bbbbd6d6d3004f3edf8431d8ac3bb530088c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:32 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A92A 44 B
604 B 40ms
40ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22cf751cae%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=cf751cae-4651-47b7-9fee-096f3b9da27b&pv=cf751cae-4651-47b7-9fee-096f3b9da27b&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

52bb68b88422ee62092238d2d4b4b7e17bd14c728f6fcf17ded8422a66f95e45

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A92A 160 B
864 B 27ms
27ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

73883b3f159ef3a32c46f47fa960a8abc3712640168d77f19d6d32365c5a486d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: 3e102e65-5f28-4b6d-8b5f-394751277ba8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame A92A 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=cf751cae-4651-47b7-9fee-096f3b9da27b-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame A92A 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=cf751cae&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 33de09907a0ace6ea19ac47cc786149ed723bd025b32632b989712c2b614ac20

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3567 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306712.dop010.wa1.t,1582306712.cds010.wa1.hc,1582306712.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974434
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3567 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668026
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3567 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3442e41bed4bbedbc95bbd645ea454a0282407e4b361c38592d0f4e2ee97a4b7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: 63ac5b09-2bd8-4cda-a3cd-acbdef9180db
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3567 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 63d7628647230d09593dacb9624a635883a5377df73997d8304eee9dfd1ab41d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:32 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3567 44 B
604 B 34ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22d021fe75%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=d021fe75-fb46-405b-bcfc-893bb494a03e&pv=d021fe75-fb46-405b-bcfc-893bb494a03e&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

398723607f83d608f2ab999cba4a9a9375f508550be79433126f18325d0c505d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3567 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6584e16ab12779a6481e19db1213b994bf1a55076508217348aeafb0d81b1115

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.90:80
AN-X-Request-Uuid: a6b7ee55-9670-4e65-9d09-b3748065ed8d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3567 20 B
320 B 66ms
66ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=d021fe75-fb46-405b-bcfc-893bb494a03e-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3567 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=d021fe75&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 78a26a4797791ebc3e3a4b52915cdc12e601e577cae47290f26d9781f96f46c7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 891

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 736D 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:32 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306712.dop010.wa1.t,1582306712.cds010.wa1.hc,1582306712.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974434
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 736D 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668026
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 736D 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

37156fd1c9940a524470a004c74bd8b813bac5fbf039f0f3459cb3be9ab7a32e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
AN-X-Request-Uuid: 483460c0-35c7-4f96-aabd-7771505682e8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 736D 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a4f14dd3f87737dd610c9e6f356b3524c972c245c2c211821ca27dd7fcdfc1cd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:32 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 736D 160 B
864 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5bab2b9a43fed222342ce29326628df0a4df777b847e50d09563dc416faccce5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.250:80
AN-X-Request-Uuid: 08f7a2c5-46f8-49c8-aad5-38d6ba13234f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 736D 44 B
604 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22cf50c894%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=cf50c894-a731-4924-af43-58f628d2efd7&pv=cf50c894-a731-4924-af43-58f628d2efd7&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

dedd701c278018b9a6ca9524dca3d0d96c9e9f808e8b53d7a8dfdec091842d6e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 736D 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=cf50c894-a731-4924-af43-58f628d2efd7-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 736D 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=cf50c894&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2dbcbccb6ed1d5e6001aa7ca3f20e9cbb480adfac58da2499c29afb3ac5353bc

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 925

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 9F42 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:33 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306713.dop010.wa1.t,1582306713.cds010.wa1.hc,1582306713.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974433
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 9F42 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668027
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F42 160 B
864 B 27ms
26ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c7190e9fa97993379ac13912fe6659cf0f54184e85c9e2e9e806ed70915ac9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: a1a784b0-470b-41d5-bab2-37d4e92fcf97
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 9F42 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a6149a13a6d3cddd1c2822f777c5790605e63fd6c9cf8a91a8cb0cab0805dae6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:33 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 9F42 44 B
667 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22ed4496b4%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=ed4496b4-a34b-4e38-8944-91bf3bf8aa74&pv=ed4496b4-a34b-4e38-8944-91bf3bf8aa74&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

bc5cd671d67f8c0dd098bc1ed69087bc08b7c3ce67644a3088c2d0f210514b37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F42 160 B
863 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

665a84bc1a63086901838ee25646a332bdc323f54617f233d334538671e356e8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 163cb00d-f615-4664-8511-34cd8f84665e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 9F42 20 B
320 B 71ms
71ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=ed4496b4-a34b-4e38-8944-91bf3bf8aa74-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 9F42 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=ed4496b4&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c3a914afbdddb803f626269f05bf1b3d026e7c8234d935b3e175994dec7e52dd

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 920

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8B6E 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:33 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306713.dop010.wa1.t,1582306713.cds010.wa1.hc,1582306713.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974433
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8B6E 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668027
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8B6E 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ab37c65a71def4d216373b2bdcd51efb1a9d7519a744900f4101f8528c9afe13

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.27:80
AN-X-Request-Uuid: 211965a0-c78b-41c8-a132-ed13db1cf107
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8B6E 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 42576fc1e668b7f8c844787f417bb5551293e8770e88b580e6ec2b3c47f4d9e9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:33 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8B6E 44 B
604 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220434ca97%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0434ca97-764c-4e81-ae90-b672a76341e4&pv=0434ca97-764c-4e81-ae90-b672a76341e4&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1778ae1753db90778dd6d87fe1261babcdf932cc66759482f28a5b7a6b01b17c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8B6E 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

598fced2dc64cc12870e25256c5070347002bc5e189ebaae12a13146483a68c4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 056c0e1c-ef86-4845-86c8-bf4d69e40eed
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8B6E 20 B
320 B 66ms
65ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0434ca97-764c-4e81-ae90-b672a76341e4-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8B6E 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0434ca97&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 45ms
44ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7d4f1867c091c297e6de34e8b3ea56de6de6903fe9be8b082398b6f021d63c27

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame CDB5 421 KB
94 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:33 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306713.dop010.wa1.t,1582306713.cds010.wa1.hc,1582306713.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974433
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame CDB5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668027
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CDB5 160 B
864 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a5fb13ead681567ade849bb165a8caf29dce571f7c7e657abb132b76d86d0709

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.199:80
AN-X-Request-Uuid: 6958f34f-6959-41f2-9857-b41243d70a05
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame CDB5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 864a4d18bff5dda81380ec1c76178a00767cb5843d8f25c9c61a82fcd15b0150

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:33 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame CDB5 44 B
604 B 85ms
85ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220d1a356c%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0d1a356c-68e8-4fc8-a092-79ad6ee36446&pv=0d1a356c-68e8-4fc8-a092-79ad6ee36446&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

044dc7fd6e3480e12db420544f9f9baff80b6d8121fe611824f72e33a63f60df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CDB5 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5891c3b694a4c9e28378ec46c107eb41f6b60c94b2609d153a2d2731b08138a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid: 7c6d5de0-4d93-4e50-a6ec-dc05abe775f5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame CDB5 20 B
320 B 119ms
119ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0d1a356c-68e8-4fc8-a092-79ad6ee36446-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame CDB5 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0d1a356c&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cb1f20f1d663d16beca71a2f9b981c8e8212db3de9a8497a81c73b87de09b285

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:33 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 734F 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:33 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306713.dop010.wa1.t,1582306713.cds010.wa1.hc,1582306713.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974433
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 734F 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668028
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 734F 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

50ab92203105007c64c9c1ebc9899032554d40455aa978fb97ed0bf82489329b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.54:80
AN-X-Request-Uuid: a8049595-dd2b-4170-8981-c3b2a6a8ef85
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 734F 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8ca5d034a0cf40c4565595d2c71ce9b9cdc897c69d72572537bedfbaa8a44823

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:34 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 734F 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e04b963298e3b45923f866928531076a6f44e5348c72da33667f35a33add1885

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.78:80
AN-X-Request-Uuid: c611fe1a-1a77-4f7b-b11d-6a89e8ee551f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 734F 44 B
604 B 126ms
126ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22fdaafe51%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=fdaafe51-2fa2-4a10-bc69-c28bb70365b5&pv=fdaafe51-2fa2-4a10-bc69-c28bb70365b5&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

760ac76cd0c102d08787e7fd55c0332fa7e2655c9b0a97a2860de8d57bd9a641

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 734F 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=fdaafe51-2fa2-4a10-bc69-c28bb70365b5-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 734F 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=fdaafe51&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d0f32a2aaf3f20f6b2c8227a6211bb3186cc29d6f2afeb18707d5ec999c371c5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F0DC 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306714.dop010.wa1.t,1582306714.cds010.wa1.hc,1582306714.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974432
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F0DC 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668028
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F0DC 160 B
864 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

914fdeb029f7933054cadd424dd8761c9dbc6d1f17053a7366e2cfaf62df9f63

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.141:80
AN-X-Request-Uuid: 13781de7-9c74-40b1-a389-d45d819e62f0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F0DC 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e4a77b13401e36cfd8f7c3f7fab76606e7ba74330a02e0f1f275ee3fa0de6554

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:34 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F0DC 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9b60d22a30633e0fb6f4dab8000ad2c2439927868a37cc648be89b6da92d1b06

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.149:80
AN-X-Request-Uuid: afd9dbc6-3556-407e-bad5-5b3b81c586d8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F0DC 44 B
604 B 39ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220c0f2ae9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0c0f2ae9-3b42-4129-870a-e31f098d5b51&pv=0c0f2ae9-3b42-4129-870a-e31f098d5b51&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

447fd265cd4912b6286b11b2d6adf4732f27dd2447914416fc23ea725a721a20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F0DC 20 B
320 B 72ms
72ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0c0f2ae9-3b42-4129-870a-e31f098d5b51-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F0DC 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0c0f2ae9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 42ms
42ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ac342de9769ddc6dca847f0c6293af8724cf9fbef1cadcbf23ce449fc71d56b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 916

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1D2D 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306714.dop010.wa1.t,1582306714.cds010.wa1.hc,1582306714.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974432
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1D2D 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668028
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D2D 160 B
863 B 21ms
21ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5129647826b3f8e2d5c14c20ffc5a9b2b44440125806bf872a919ee00bf42088

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.21:80
AN-X-Request-Uuid: afdeeab5-71ec-45d0-8344-a2b1cfc42903
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1D2D 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 62921fb36246461fdb81c30e18ad7dba53d74451cdca5684d546deb3df0cfb9e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:34 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1D2D 44 B
604 B 134ms
134ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%220ce8d2c5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=0ce8d2c5-7cae-4040-9f24-053890bf961a&pv=0ce8d2c5-7cae-4040-9f24-053890bf961a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

6cb16bfae53244a060693698a4884cd6734cebb7f44d9efbd9670701c5fc7ed0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D2D 166 B
1 KB 67ms
67ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4cb55e164641c6b0d742a68730fe4ec46a3d0fad2d4d3d789ada7ad77052ee83

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.71:80
AN-X-Request-Uuid: f863b649-b822-49f6-a19c-568cc56301ab
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 108ms
108ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:224,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:308,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:320,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:221,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:223,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=54174521d486556460df1582306714775&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:34 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 105ms
105ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:216,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:212,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:261,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:214,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:244,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=aee8c8def9b812681c1d1582306714776&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:34 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1D2D 20 B
320 B 66ms
66ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=0ce8d2c5-7cae-4040-9f24-053890bf961a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1D2D 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=0ce8d2c5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4cfe73f71fb3a556751fd69fcc74f1a11a21e9e35ab58378ae13245246ac7fc7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:34 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 927

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame A9D2 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306714.dop010.wa1.t,1582306714.cds010.wa1.hc,1582306714.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974432
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame A9D2 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668029
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A9D2 160 B
1018 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0be02e60ffdb355e4a3a58d4081fe6fe1c2e89acdc070ac00d4eafc3a6a7d112

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: 98a5e33a-1233-4c76-bd13-44ab9040357f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A9D2 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8c10d02509bbbec44953f78619569b38b04f3c9e9702c60cf4b357b5c6591705

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:35 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A9D2 44 B
604 B 91ms
90ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22b0152dee%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=b0152dee-77a1-4444-b776-d064d8931995&pv=b0152dee-77a1-4444-b776-d064d8931995&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

5bb492068895c1c36d0e0611ba52313206be55df41da4827b5f033774587ddbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A9D2 159 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5b74d266e8e826958a5e59a4ec4f051334d9ec73d323c3bc28988067030a72b2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: c5cb41c7-a157-4c42-875d-d57944fcfbe2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame A9D2 20 B
320 B 81ms
80ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=b0152dee-77a1-4444-b776-d064d8931995-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame A9D2 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=b0152dee&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9f34320deda66de131958a8423e9fa53e09abf4d0521f4c0cb67b11b6f037b44

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 919

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 06C3 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306715.dop010.wa1.t,1582306715.cds010.wa1.hc,1582306715.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974431
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 06C3 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668029
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 06C3 160 B
1019 B 20ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

658d82670f53e6e8103d8afd121a7ffd8e31a690449082fb7243687b5d4f2f2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.183:80
AN-X-Request-Uuid: 536c461e-d985-4da0-a780-f84afce2fdf4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 06C3 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d73a7a8a375f2e2e865474b719368a2712ded97d564acb3e7e78f08e7196af4e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:35 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 06C3 160 B
1018 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

47e41d9b79c62b5cab368d5618593369e99a6002e979afe784398e4fa411229d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: 795f27ea-d9ea-4453-bfc3-17bf701d09ea
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 06C3 44 B
604 B 35ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22d8706771%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=d8706771-d028-4cfc-860e-085981ca21f0&pv=d8706771-d028-4cfc-860e-085981ca21f0&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

331aa207311226338e49a889436e6030d37944d54d0cdaaaabb5a24b995aa3a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 06C3 20 B
320 B 110ms
110ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=d8706771-d028-4cfc-860e-085981ca21f0-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 06C3 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=d8706771&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 15028330643c3606f2b33954b4253e96ac62c388f5a09001120198f3834a1109

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame E228 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306715.dop010.wa1.t,1582306715.cds010.wa1.hc,1582306715.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974431
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame E228 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668029
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E228 166 B
1 KB 42ms
42ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

70a64b4d78fc0547158da6cb98e000f8eee53effa2a8260cd556899fdc5a38ae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: 4ab5b51c-eae6-4f26-aa1b-4022ce19c58a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame E228 150 B
340 B 14ms
14ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a7e2f99a492d279564603e01c9f7a16727074c48bc717f9ec42336b40c0e94da

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:35 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E228 160 B
1018 B 20ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f9f70b25f19c23fc490db0116d3b59f8ee97c276c435c4f2dc502fcd46c11949

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: fed77944-cd7f-461d-a08f-e7d069adac6c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame E228 44 B
604 B 51ms
51ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%229a63aa90%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=9a63aa90-69af-4909-bf8b-2804e88f28a8&pv=9a63aa90-69af-4909-bf8b-2804e88f28a8&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0e8d963a284a3d3f5e6dd70bf380a55243eadb68c2639374de3b4b8a6c30e39b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame E228 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=9a63aa90-69af-4909-bf8b-2804e88f28a8-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame E228 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=9a63aa90&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2c61208c6f77d46fe33b1b37f8b089cc62d640f373339bc1bf9519c9b9e62fc3

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:35 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 920

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3A66 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306715.dop010.wa1.t,1582306715.cds010.wa1.hc,1582306715.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974431
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3A66 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668029
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3A66 159 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

cb00af18f8521135295cd4cf8aeda8886dfd351858ca52bbeaacd1f11cfa9cd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 1164153f-e0e5-431b-a62b-5446aa28a9cc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3A66 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 2c7e0765e094f8dbcf2030303678562dfe59ab5bb282269e0469e11f77762c8e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:35 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3A66 44 B
604 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22f2a0ebe1%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=f2a0ebe1-ef68-479b-8616-4ba5ed95e09d&pv=f2a0ebe1-ef68-479b-8616-4ba5ed95e09d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3ed31a44acc3f6a72ab3fe1d0beef994ed2632c59e78f19f8d7523bc21559fcb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3A66 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f658e58f607d9d747253921ccd88b301bdd12085e11720fd99a1aafa3bd0771a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.72:80
AN-X-Request-Uuid: d764edab-26a4-4f30-a770-e5fbcc57a0f3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3A66 20 B
320 B 70ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=f2a0ebe1-ef68-479b-8616-4ba5ed95e09d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3A66 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=f2a0ebe1&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d25d8e5290c8cd52e7bd033f3062ed25d89aec6d5f494da7d581c6144a313463

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 90B8 421 KB
94 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:36 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306716.dop010.wa1.t,1582306716.cds010.wa1.hc,1582306716.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974430
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 90B8 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668030
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 90B8 160 B
1019 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7eeb34eca88eb81908f756c6257073b59ed6813074062c16333ff75db837b95f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80
AN-X-Request-Uuid: 351874b3-4e57-4cf5-a41b-bab799a8135d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 90B8 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 2327594c7cd9cbd477d337ecd8c78972957d0c9cee949507278155f03ee95a87

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:36 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 90B8 44 B
604 B 37ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22a294f7d6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=a294f7d6-68cf-444c-bdf8-c23bdf12b562&pv=a294f7d6-68cf-444c-bdf8-c23bdf12b562&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

78353077f95d1e7cd7218b5cff3b3836c27daf02c4c93e15c424b718a14af70d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 90B8 160 B
1018 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c5a5aad4b20b0a3e151b279aafbdfde18f808202b6aecb81828300e9a241070a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: bebba59a-97e0-4725-8d9e-ed3f2828fc00
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 90B8 20 B
320 B 75ms
75ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=a294f7d6-68cf-444c-bdf8-c23bdf12b562-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 90B8 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=a294f7d6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 41ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: af8ed8265d2e6f4b504779e6bb2de959eda8ccde7d70ca3f9c2b9a1596c2735d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3421 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:36 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306716.dop010.wa1.t,1582306716.cds010.wa1.hc,1582306716.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974430
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 117ms
116ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:36 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3421 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668030
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3421 160 B
1018 B 21ms
21ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7f1f5ebf9669d1793569f0747cc8f1f26d67836fb081668479e5021e768b9ae3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.53:80
AN-X-Request-Uuid: 633ba879-4699-42d3-8eca-20005aadcbaf
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3421 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: b055d1edd7b183745c2466c7b75b85bbeddc9083d291c3c14f1fd31124937e1f

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:36 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3421 44 B
604 B 42ms
42ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%225290d7b8%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=5290d7b8-8b30-4c32-bd18-259a1d182be0&pv=5290d7b8-8b30-4c32-bd18-259a1d182be0&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

7983d7b8c3b39f23dffbab7cb5c4b8f66a5afd0d60d5b23088496ad4e574ad59

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3421 160 B
1019 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

660ca7b7fdf098a1576cca912c9944766fcaf470838870c9cf19e9ec3b1f26b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: 461f6ebf-a051-4a59-b5b9-75165d7c202d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3421 20 B
320 B 70ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=5290d7b8-8b30-4c32-bd18-259a1d182be0-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3421 0
217 B 40ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=5290d7b8&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91eccc494b2eb83e324d7634cc872e3eec562ada2720998eea09dba0292a7b93

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 899

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 4B9A 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:36 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306716.dop010.wa1.t,1582306716.cds010.wa1.hc,1582306716.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974430
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 4B9A 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668030
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4B9A 160 B
1019 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9b163e49368f6f883829a3ee1670036950d461a709bd07dd5b2fba2f9c522a38

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.211:80
AN-X-Request-Uuid: 12b14ae7-c600-45cc-ba41-89ef6ab3e692
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 4B9A 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5d208c168dad30251e30d5d3da0745a33ecce9ade3248320aa0c0d84dedefd0a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:36 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 4B9A 44 B
604 B 44ms
43ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22136d5fce%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=136d5fce-1557-4e86-8a0d-244be41cbb09&pv=136d5fce-1557-4e86-8a0d-244be41cbb09&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

7a6c104cbe6596403d3970005f12113b10dd150be77bc9b5fd52791ae09af304

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:36 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4B9A 160 B
1018 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e447fdd02c699d7b974d193a8c4676532923dede7a7dceb7b0dff5dbddcdb895

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: 96f6b679-8114-481e-9d82-a235c3d739c0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 4B9A 20 B
320 B 72ms
71ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=136d5fce-1557-4e86-8a0d-244be41cbb09-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 119ms
118ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:37 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 4B9A 0
217 B 40ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=136d5fce&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 155d6f1320008aad28ca1659e9c082e07889a5eb8e5e634598f91897c1f7b019

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 45A8 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306717.dop010.wa1.t,1582306717.cds010.wa1.hc,1582306717.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974429
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 45A8 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668031
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 45A8 160 B
1019 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3a4921ea23b5e74ba836617ba25cd780f7b5ed3d765f3df9f44e4bc9254ce1b6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: ec66aa6e-7d46-4846-a8d0-844fd01322a2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 45A8 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 970b5054c1c59c7055a55aaa6748abfeedfb44923e596ba048d01feb3698a5d6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:37 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 45A8 44 B
667 B 39ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22996750f5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=996750f5-9d5a-496c-a0ce-cab0aac047d5&pv=996750f5-9d5a-496c-a0ce-cab0aac047d5&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

56d59cd0070b1dabed2459a365733c8bc82f7c6e8162cc528bffdf1fbd75da1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 45A8 166 B
1 KB 92ms
92ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3cb7e8e5922f618b55af6f0aaff98a3ea1b1a0fd2bcd109d5b3bd15e2ab92545

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 0edb4f5d-b2f6-4050-a23a-4db57f73148d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 45A8 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=996750f5-9d5a-496c-a0ce-cab0aac047d5-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 45A8 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=996750f5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d6fd2d25aaaa144bd88f20e2256ba096884611812e21cf320bb4f28d6f423aba

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F772 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306717.dop010.wa1.t,1582306717.cds010.wa1.hc,1582306717.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974429
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F772 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668031
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F772 160 B
864 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7688a9786ea4c66bb1f656e1684fd6c9fcac248bc5b0cf969ad82cf058418e96

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.101:80
AN-X-Request-Uuid: 94d70861-4073-415c-bba2-c6c1cea7b9ec
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F772 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 89d44c7901590acb1c025613d863b54a6b10a58f05ad086c5b569df8f1310eef

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:37 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F772 44 B
671 B 39ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22c2fb3ae4%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=c2fb3ae4-8b98-439f-b1ee-bc397a52e872&pv=c2fb3ae4-8b98-439f-b1ee-bc397a52e872&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

400e7d426d20339562987c6094c26b9e925f928439d6ec13b9d9a6a7c0965860

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F772 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c47ab623b7ce80082e44fe69c7472846dc99ae4e4e874f0937ea04b4a4f77380

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: 5b7d6128-d468-4345-9c6b-e619f8d0403c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F772 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=c2fb3ae4-8b98-439f-b1ee-bc397a52e872-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F772 0
217 B 40ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=c2fb3ae4&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9b22f21be9fa4851af90ab644548a2ce77bad23a28d626d2083db4ccb30715a5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 902

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1527 421 KB
94 KB 84ms
82ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306717.dop010.wa1.t,1582306717.cds010.wa1.hc,1582306717.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974429
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 108ms
107ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:230,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:279,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:254,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:268,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:228,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=1be94498caaa053343731582306717776&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 105ms
104ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:223,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:232,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:258,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:285,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:315,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=21b280e46b28590475b81582306717776&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1527 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668031
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1527 159 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2dffc1a06e3d8170bacc6f1202b5c2ec267f02883ade7681bbbc6f8350db949b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: 5166d83b-13e9-44c0-a854-2a2aff1d1b35
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1527 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 1d1af35f53a65f46bf475b1619fd8e7179bc8f23df4ed1ebe80c64d0d2e58fd4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:37 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1527 44 B
606 B 39ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22df601c2b%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=df601c2b-06cd-4715-bf1a-dfd0619d9f1d&pv=df601c2b-06cd-4715-bf1a-dfd0619d9f1d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

4312a1d379cc6de0edaad6168cea4cf2601375cafb2155139f25e7ac86360af2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:37 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1527 160 B
864 B 21ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4fb182978d7f0625d52381d3a9a430019414a136c1c026bbef0db4d43e21851a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.182:80
AN-X-Request-Uuid: c9e8ee79-ce77-4c80-bddb-b9f6481e05b1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1527 20 B
320 B 67ms
66ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=df601c2b-06cd-4715-bf1a-dfd0619d9f1d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1527 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=df601c2b&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 750b825e61ce62eb95eae9e71d3ef9607387ee6458d90445fa57467be914e3c2

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 898

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 78D5 421 KB
94 KB 41ms
40ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:38 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306718.dop010.wa1.t,1582306718.cds010.wa1.hc,1582306718.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974428
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 78D5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668032
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78D5 166 B
1 KB 35ms
35ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

37529cb0ee30c7b602d120abc0206b3a184572fb4b11e7fb3baa7fff01dd6ca0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: d02ebe2f-aa0f-4595-a2f7-37e53f7db6d0
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 78D5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: ea397d9a93576816b4d35bb274717929e435938c2a9472261a36562ded7fb77a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:38 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 78D5 44 B
606 B 34ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2202fe3f25%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=02fe3f25-2f9b-40d4-8824-b48717502ee9&pv=02fe3f25-2f9b-40d4-8824-b48717502ee9&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

4c72f860d263a55dbdf2adc44bb2f29ba251b28b96a4fe5626f7ed6bef41cc21

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 78D5 166 B
1 KB 78ms
78ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ea3ecc6138722bf0615ca2d0b1d4a139a603aad1d5c92c3ed5b79453bb382782

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid: 347ed3e6-c326-4ff3-a7b3-70111bf1d8ff
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 78D5 20 B
320 B 81ms
80ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=02fe3f25-2f9b-40d4-8824-b48717502ee9-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 78D5 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=02fe3f25&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 71b97599b6393cc1e12f3164c06352c055bd1c31f668899980248dd72ffad911

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6082 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:38 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306718.dop010.wa1.t,1582306718.cds010.wa1.hc,1582306718.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974428
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6082 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668032
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6082 160 B
1019 B 24ms
24ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

69e3b3bbd5e0bb4497074f74e007d93399a774ff3558bc213c63dfe3a9ac7dbf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
AN-X-Request-Uuid: 114406cc-7f8c-4c45-a532-66af66ac4f40
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6082 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e085ef8768c0135045e1b782b542237797187b0bf79ad1276a6ecf7f9cbc2dd9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:38 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6082 44 B
606 B 63ms
62ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22cd29fcc9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=cd29fcc9-fa28-4246-9c0a-edc5344e592d&pv=cd29fcc9-fa28-4246-9c0a-edc5344e592d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

8d1d64b0c435402981521298a45c35847c7e524e1b84c5b9e1248aff748b9f2f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6082 166 B
1 KB 67ms
67ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

18a8b59282d0f9dc992826b121d1638f8ce13189178c0041693d8a72c109be62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.212:80
AN-X-Request-Uuid: 3003da4a-1fd9-4e99-9436-ea57f4b86a65
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6082 20 B
320 B 70ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=cd29fcc9-fa28-4246-9c0a-edc5344e592d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6082 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=cd29fcc9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7bd927e1b42f04b8371fae70efdd01647cd97330cc9c58bb6e2138e10d0c2bd7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 909

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 5E05 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:38 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306718.dop010.wa1.t,1582306718.cds010.wa1.hc,1582306718.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974428
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 5E05 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668032
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5E05 160 B
1019 B 80ms
79ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d92223cd1f794bb20f95b01ad4366c5bc9461d07906e13cae2bb395133f9e2f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.140:80
AN-X-Request-Uuid: 2ab6268e-ce02-4570-b916-68d98b375c77
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 5E05 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 96f2d12f315453f7aa9495aa5ca9e18ef0b55ff31e8127fe3205b4f6b1519934

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:38 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 5E05 44 B
606 B 34ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22856dae70%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=856dae70-2aaa-4c4b-b2aa-0ae2a18d8d47&pv=856dae70-2aaa-4c4b-b2aa-0ae2a18d8d47&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

27f79a70fb7878fe2135b5c1dab5cedcc923850a21d4dc0dbfcd11443ef9d46a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:38 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5E05 166 B
1 KB 80ms
80ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9e790d3e4815926db509c0af62ff2f8663db4b54d6fb9c9a54a5988dd7782f1b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid: 47355d65-9928-41bc-84c1-c2d2d386759f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 5E05 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=856dae70-2aaa-4c4b-b2aa-0ae2a18d8d47-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 5E05 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=856dae70&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 116ms
115ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:39 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ec1919c7b1af822d69e238322830fa7fee61e127ddace3e8169bf1c4bcd9640

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 918

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 7CB7 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:39 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306719.dop010.wa1.t,1582306719.cds010.wa1.hc,1582306719.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974427
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 7CB7 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668033
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CB7 160 B
1019 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9f85a0f311f0cb2d5cfc9fae8dfefd52b7228c78cfcf3e220a8b152ab165cd05

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.171:80
AN-X-Request-Uuid: 4fa5eb8b-95ca-497f-ace7-b326e036dbba
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 7CB7 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3898907ac255d53bf1bc0e6c7e7ae6a131e818970ba5bcd027abaa3badf989c6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:39 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 7CB7 44 B
606 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221a763ee9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1a763ee9-d583-413e-8bc0-9dcff18843fd&pv=1a763ee9-d583-413e-8bc0-9dcff18843fd&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f3abeeeb12cb01345e2495f0a41f28628cfed89f21b54fe39305be94149e9c0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CB7 166 B
1 KB 104ms
103ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e342f17423c55554014e7cf44715340677b5979a014690b90e717204197f68d7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: 40c18fdc-92ba-4cb1-afec-faadde9c553a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 7CB7 20 B
320 B 106ms
106ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1a763ee9-d583-413e-8bc0-9dcff18843fd-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 7CB7 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1a763ee9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 68ms
67ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3e0825e4064a326414596828f14b67862b0d9b2a8d9e12417c92e79f56560826

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame D45B 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:39 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306719.dop010.wa1.t,1582306719.cds010.wa1.hc,1582306719.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974427
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame D45B 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668033
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D45B 159 B
1018 B 21ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

180f64a6a9f628161c88b6970715d79ee3523a2d7840e6291f449c766f71253d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.118:80
AN-X-Request-Uuid: e2a7a23a-2a74-42bf-bcee-6373edc4ab31
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame D45B 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 34db6c3bdf77583a25ab7f07c755b83d0086878be9d75899dc192cf0fc222912

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:39 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D45B 160 B
1019 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

19c2bbb5653335bbde74f7c12d54b0edc86db58e95cd52bd79a1f072c0cd5f6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid: ea184145-7ff3-4295-a9b8-3b28cf3aad99
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame D45B 44 B
606 B 35ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2255553399%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=55553399-4571-4194-8776-99c266ea8df7&pv=55553399-4571-4194-8776-99c266ea8df7&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c79571197fd32a0c1ff35c064f2e8775896453b091b0ff87ec0457a204219790

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame D45B 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=55553399-4571-4194-8776-99c266ea8df7-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame D45B 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=55553399&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e0972e6dcebb6cf863dc47442bd5397ce4fe6582171ead0a041c3399b7385fdf

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 3532 421 KB
94 KB 47ms
46ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:39 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306719.dop010.wa1.t,1582306719.cds010.wa1.hc,1582306719.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974427
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 3532 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668033
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3532 160 B
1018 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

993e0ec9ae859616c7d0dbc8b57cd64567f104c6bc4fe9f63da9b03459d14b0a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: ad982fcf-bb0a-4230-b9ef-b1de3a263073
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 3532 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 7e77d6bfbf4f62f165907af074429b77e94c0bc0fe2f2e8478e56c6811c07330

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:39 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 3532 44 B
606 B 35ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221bfc08f0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1bfc08f0-76fb-413e-a602-4cd4b9d03f44&pv=1bfc08f0-76fb-413e-a602-4cd4b9d03f44&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

2913cda183b0068884ddb1a4eb27014340302ab2ecb1fb3f568af698ce9e3abb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:39 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3532 160 B
1019 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2609fd87e8cb3aa43d76477b84ec93f920c50ad2cf58a5b232cba90051bada05

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
AN-X-Request-Uuid: cc659a58-1bbb-4063-ae8d-0f165e392c07
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 3532 20 B
320 B 70ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1bfc08f0-76fb-413e-a602-4cd4b9d03f44-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 3532 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1bfc08f0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 43ms
43ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d9081ae00b571abbc43eca840edce641f1db0ac4bf863421d9c5958099e05be

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 897

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 5446 421 KB
94 KB 52ms
51ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306720.dop010.wa1.t,1582306720.cds010.wa1.hc,1582306720.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974426
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 5446 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668034
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5446 160 B
1018 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

75944df61aae8b0d6f1baffe27bd455ce9e888492b2fbc3063e94e9f377fe820

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: 7ef4066e-511f-42cc-a5cd-c551e483d2f8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 5446 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 129e141956f5618959987a187765b6b86a18636fbd7513c7e0d10ff075812f52

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:40 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 5446 44 B
606 B 35ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%227479d473%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=7479d473-ab8a-419f-81f1-418d9604d243&pv=7479d473-ab8a-419f-81f1-418d9604d243&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e99fc494f2c90bb4fa47f003d020de7540a6b6edd065aa1d0e35a668079c6e0b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5446 160 B
1019 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

90355ec8b214e00127bdbbc907dd4918b35e503b9ccd23e79fe053be14c9d055

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.173:80
AN-X-Request-Uuid: 8994b240-1d89-4fd7-8d17-6a3a4f29fb04
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 5446 20 B
320 B 73ms
73ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=7479d473-ab8a-419f-81f1-418d9604d243-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 5446 0
217 B 41ms
40ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=7479d473&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fdaabf04c137f15f7c938131c1bbe46efccf8ad1ac2e81929829ae857f8ebb6

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 912

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 11F5 421 KB
94 KB 56ms
56ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306720.dop010.wa1.t,1582306720.cds010.wa1.hc,1582306720.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974426
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 11F5 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668034
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 11F5 160 B
1019 B 23ms
23ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3e272f6a65a34b8ebef941488cf1001d6e1623141415a0f5ec4aca65a3594a70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.174:80
AN-X-Request-Uuid: 06547c4c-2ded-4f1e-8344-198d42aa1f61
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 11F5 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 410cae8789f60d8f933e08a281f060e843bcf82afe38f819e4c01d1762b3bfe8

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:40 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 11F5 44 B
606 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e95f41bf%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e95f41bf-0c79-484d-b916-cda4315971c1&pv=e95f41bf-0c79-484d-b916-cda4315971c1&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

867066f9103321a1e0ea6be5839f027653a74893522a92bc274fac8c7f6681cf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 11F5 160 B
1017 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f6dac89092397e9cc867b833d2d3da307888d0c8781e2353d378c8c69c37af6d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.8:80
AN-X-Request-Uuid: ba202998-0f88-40dd-9eb2-1063f8f98750
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 11F5 20 B
320 B 68ms
67ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=e95f41bf-0c79-484d-b916-cda4315971c1-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 11F5 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=e95f41bf&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dea9630f3bf9f303f85a059980c051da520328a5acc9efc2cae453fce9db6af7

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 901

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame D7AC 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306720.dop010.wa1.t,1582306720.cds010.wa1.hc,1582306720.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974426
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame D7AC 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668034
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D7AC 160 B
1018 B 89ms
88ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

38770ce27de5a228da0f95fc27b81925457524f8f0b102d0e2137175f02f0ec2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: 448495ba-ab25-4db7-9725-e346f35dc6a5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame D7AC 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 62e3f604fa5bc27b8dd167b7ac44cfe196d5b436282574d1a5f4ecd232f9cc37

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:40 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame D7AC 44 B
606 B 33ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22307e86d6%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=307e86d6-6b1c-4223-bcdc-908a33404c9c&pv=307e86d6-6b1c-4223-bcdc-908a33404c9c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

531e56ff32e01924c598562ea2927321feff7e93cd94eb06da8c94255d1a880b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D7AC 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

154cf86aa3e567aab9a575ee89c1f2fe2f8ab6709e2b01b212359b246ccb9025

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid: b270bde7-6177-4c76-a7e3-c4899a1e77b5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 109ms
108ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:235,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:238,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:225,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:219,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:334,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=53f631f1afb5e0a6570f1582306720778&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:40 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 106ms
105ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:270,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:255,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:273,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:262,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=cd98917232cb1bfbc72a1582306720778&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:40 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame D7AC 20 B
320 B 77ms
77ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=307e86d6-6b1c-4223-bcdc-908a33404c9c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame D7AC 0
217 B 40ms
40ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=307e86d6&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bc780eea2ad4cb837f8d4843dabe81132ff2c0529832d4f424c51c91d25be6db

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:40 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 908

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 42F8 421 KB
94 KB 44ms
44ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:40 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306720.dop010.wa1.t,1582306720.cds010.wa1.hc,1582306720.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974426
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 42F8 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668035
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 42F8 160 B
1019 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9b56f99985c4a748447fc9c685d6bcffa243dbe9f42b45f1e7b3ac2704fb284a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid: 84c2627b-1696-4d43-8640-f17f5e23ccb8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 42F8 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 4cf0d88c2433234149425764eb6f5a3451485e4e0c07277d92cc5056d4d20fcb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:41 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 42F8 44 B
671 B 35ms
35ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2286206676%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=86206676-6eea-4dc2-b765-eca68908a7bd&pv=86206676-6eea-4dc2-b765-eca68908a7bd&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

46f8d89228d0bb2799a189aa3a5b5e0a88d46e5328e566a34af564f3aeb3e9f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 42F8 166 B
1 KB 62ms
62ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

bb33bc2a303b4ca0e473cc89af1b1919d6a1b52f751950fe02bcf97159db6719

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.19:80
AN-X-Request-Uuid: 0d6a099e-0e9a-4011-8773-912f51649568
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 42F8 20 B
320 B 72ms
72ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=86206676-6eea-4dc2-b765-eca68908a7bd-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 42F8 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=86206676&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91648f1382bd4cdec2938dc47e28d9cef63283333fa2ed92dd565078847e842b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame F311 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:41 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306721.dop010.wa1.t,1582306721.cds010.wa1.hc,1582306721.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974425
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame F311 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668035
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F311 158 B
861 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

554a09c6d88f9ef3bed220d1bf23c6880f4a914c713598d11d05ed20fa2bf971

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: 5df294ad-7bcb-4a8b-b835-63e77b91e80d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 158
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame F311 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 63a20bf5c2c28fb5b3eee817a7c09f5706d7714ab606ab70a2897f5473e57d8b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:41 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame F311 44 B
671 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%227b02aba4%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=7b02aba4-d889-46cb-a124-6d2d1a3339f7&pv=7b02aba4-d889-46cb-a124-6d2d1a3339f7&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

7476feefdf307428d15d427763974a24fa0c6d3495293189f15022138237429a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F311 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3280244d8f6d0bb8493b793fc6985e261b79adfa3548caaaac6faa096ecf8277

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.48:80
AN-X-Request-Uuid: 5f7b04f1-37a1-4bee-9855-fdbc5b347946
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame F311 20 B
320 B 70ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=7b02aba4-d889-46cb-a124-6d2d1a3339f7-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame F311 0
217 B 40ms
40ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=7b02aba4&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd3fea3096ec7ee2ec481daace7e110dfd75188807e97133e7f98f53586e67e1

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 921

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 1D74 421 KB
94 KB 43ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:41 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306721.dop010.wa1.t,1582306721.cds010.wa1.hc,1582306721.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974425
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 1D74 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668035
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D74 166 B
1 KB 26ms
25ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3f2e7b64013a235c6341a135f4c725c7623ee8e145658a9b8a29cccb694465a0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: e2350515-3ef5-4d4e-9614-8676e622a06f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 1D74 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: b230ac87604bc11c5fc3cdfe049c9094724b894bbbfe6ff32c97310e52c4e118

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:41 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 1D74 44 B
606 B 62ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22128ca359%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=128ca359-b9f9-4fa0-97de-b8e469be755d&pv=128ca359-b9f9-4fa0-97de-b8e469be755d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

216b102f3e196a7b7ad74763bcd5ab7e72c66e157d4bf3b492f0651cc3e551f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D74 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b7b5545d71f021e10006652f3a93de9f5ef13f3090fe5a8ca3557c7ed13562fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 10dc464c-1b11-4746-b0ef-c82bcf934497
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 1D74 20 B
320 B 67ms
67ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=128ca359-b9f9-4fa0-97de-b8e469be755d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 1D74 0
217 B 40ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=128ca359&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:41 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK g Show response
rtb.connatix.com/ 81 B
288 B 104ms
103ms Script
text/plain 52.54.227.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.connatix.com/g?c_pw=834&c_ph=470&c_tk=C018218D-4AD0-4E01-8158-045425E65946&c_bu=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&c_ivt=0&connatix_sess=hPNiO8CAQZ9cSAUJUVVtK8a7f4N0OBJwz2-JvhgYkD2hL-LQe91mQSZ4h03FOUvus5x7L9FntdbMKep4LbFo95l6K3Syea909c_kEe8S6_gWCyRUXmO86UN5LQW-eXTU3FFmpzhqJB-Mpq-uSzJau2Q66VRxpXF-rbIK4sZv7w01JwtdNPpRKOQ227RM9jbO&notServed=false&xplr=true&c_s=false&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&gdpr=1&is_ccpa_b=false&med_id=639404&req_no=3&v=1&c_pt=1&c_f=[{id:14547,r:7,i:0,f:2.08}]&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&c_v=1899_1_0_0_0&spp=1&callback=cnxJSONP_61463ceeefefd6850b3f1582306721822
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.227.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-227-62.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: 5a21a4cb857df7159174067df1f947f8b706dc1451c24889a82de8646c8475e5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 100

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8a7eb53c5c2b87629a119f70176d03e6938ddc1be887aa22cff8390fa20be353

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:41 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 919

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 8782 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:41 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306721.dop010.wa1.t,1582306721.cds010.wa1.hc,1582306721.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974425
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 8782 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668035
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8782 166 B
1 KB 25ms
25ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

deb52badad3213b8f33b3afe59edcaa014ebda6aea4d2e219c8a22ba69dbd2a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.168:80
AN-X-Request-Uuid: 81037caf-76cc-4a46-b059-a9168fc103ff
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 8782 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: a0742a1a0f0b3edf4cb5767b30c1728fd01b6e52fd726f5482c1de2377eddd0e

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:42 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 8782 44 B
606 B 61ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%221caeedc8%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1caeedc8-6f05-464c-adde-5cba5c958768&pv=1caeedc8-6f05-464c-adde-5cba5c958768&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

d0d2a3bcb34584d100d81ba261567987955473bb45efa15c35f7fe3788a48ef5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8782 160 B
1018 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f2c8dfd930528a1991f678b8e5359dae6c814e41f1251532dc822a53c315e757

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.18:80
AN-X-Request-Uuid: e528f455-a72b-491c-a507-3c5d387115e4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 8782 20 B
320 B 108ms
107ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=1caeedc8-6f05-464c-adde-5cba5c958768-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 8782 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=1caeedc8&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5a499bd13a76008d0d7c08f416db4203dbf2f762fbe73bb2ab01f03a079bdc60

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 905

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BA7A 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306722.dop010.wa1.t,1582306722.cds010.wa1.hc,1582306722.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974424
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BA7A 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668036
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BA7A 160 B
1018 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

254d59bb57cbf052eb7ec9df366a56483ce9e2887151f455053ad29e0958ab50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.55:80
AN-X-Request-Uuid: 5d7d5868-9dc1-443e-8995-442087e7a5ef
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BA7A 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e2e10699dade2381312c430f8117b9e38690a3c7bb85305a9184ad853b20b4ee

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:42 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BA7A 44 B
606 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22077192ae%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=077192ae-67f7-4905-8085-9e7c21c4799f&pv=077192ae-67f7-4905-8085-9e7c21c4799f&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

12abf9f73572db68f5587e44ef2bd3b2ab90db7b05338f8b34ecbcbbef18e300

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BA7A 160 B
1019 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9796d8b9e828e947aad237707b967b6479144a05bdc608bec393ff64d22764e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.187:80
AN-X-Request-Uuid: b304ae3e-6f73-41c6-a1fe-d2b433b5fa05
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BA7A 20 B
320 B 73ms
73ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=077192ae-67f7-4905-8085-9e7c21c4799f-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BA7A 0
217 B 38ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=077192ae&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7b3a85efbd8f61e48cde39d3cdd282dbba59e7853194ee75a94fab0a4a0ba044

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 905

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame D7AB 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306722.dop010.wa1.t,1582306722.cds010.wa1.hc,1582306722.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974424
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame D7AB 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668036
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D7AB 160 B
1019 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8e6a9c2c1ce7d812f40339bb26499a7d0bcfe60cb70cc524f6d4a4219a4fd475

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid: 687a76b2-5b8e-47bc-9a62-69b40aa2d367
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame D7AB 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 9ed8d679e30cfc39aa2a66b7ca90eaa5f92b9e6f70c8732c839253ac829a1dea

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:42 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame D7AB 44 B
606 B 56ms
56ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2274ebfc46%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=74ebfc46-ae81-4c6f-8403-a3f2756abd09&pv=74ebfc46-ae81-4c6f-8403-a3f2756abd09&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

a3d845ad7f2b56b21a83bf7610aaa58b5dba40087bd18ef014fcbf21f923cc99

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D7AB 160 B
1019 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b3d2671c1c93a41b5a6d25c59e18ad883f82ce9bea5c2a536533b8758d057327

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.199:80
AN-X-Request-Uuid: eae9d1a2-ef6f-4087-abe4-4d2cdcd2e642
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame D7AB 20 B
320 B 70ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=74ebfc46-ae81-4c6f-8403-a3f2756abd09-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame D7AB 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=74ebfc46&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 40ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 14e7249f7e402bdbdfe0cfeb6ccbd3b4354f30ec6ff3f135c1144b847e7932d0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 907

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 67FB 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306722.dop010.wa1.t,1582306722.cds010.wa1.hc,1582306722.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974424
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 67FB 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668036
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 67FB 166 B
1 KB 34ms
34ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9069b44e203948ca1e581ed344f8836ef2cbf60c85cb89df5fedc34631509e66

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
AN-X-Request-Uuid: 183e615f-6fe1-4c2a-80a4-940a31fb3c50
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 67FB 150 B
340 B 14ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 9f50f1a76c4977e8e954cbfa115f31777f88c8b02145bd1f8cbb185c16651860

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:42 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 67FB 44 B
606 B 35ms
33ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22c34dc8ce%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=c34dc8ce-c36f-4a04-89cc-c51db67fa5cd&pv=c34dc8ce-c36f-4a04-89cc-c51db67fa5cd&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

4c32c02b5f33d186deb806a2aeff21b68a43f32db81f8c7bee8b6a78a220074b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:42 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 67FB 166 B
1 KB 65ms
64ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e4c843b92e8071882b602ac1bf97ee3021de42c6ea3c495bbb4ec58f205e8516

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: b20f13da-5e4b-4ec8-babe-af85ac11a43c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 67FB 20 B
320 B 80ms
80ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=c34dc8ce-c36f-4a04-89cc-c51db67fa5cd-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 67FB 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=c34dc8ce&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 074a75ee11f34d36ebe08193a9680acf82c29fd24a86c434f42c861d66e24579

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 920

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 6CE2 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:43 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306723.dop010.wa1.t,1582306723.cds010.wa1.hc,1582306723.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974423
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 6CE2 29 KB
8 KB 17ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668037
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6CE2 160 B
1018 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3831f574d7d611ecdd8dd6276a04fd04ecce4cd82fb2c10bdce29a46cd65a1b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.84:80
AN-X-Request-Uuid: ee9db32e-ae3a-438d-a140-8aaeb673c3fb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 6CE2 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: f5209b2ea6c74054b0eedeb2032c5cb739838b4913c414849be2616c6da0df6d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:43 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 6CE2 44 B
606 B 35ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2259008a10%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=59008a10-65e5-458d-9a94-cee0517e345d&pv=59008a10-65e5-458d-9a94-cee0517e345d&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c96d6a23e2f1d83adf628cd7154da6382821eaa8920b60880d2327e375cf802b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6CE2 160 B
1018 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

16fe297416200c6f32381f40b3ae4d5513f2de451d37f2495c1347d0d068d88e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: c85c7820-7d52-4915-8c52-b923146d29a1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 6CE2 20 B
320 B 113ms
112ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=59008a10-65e5-458d-9a94-cee0517e345d-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 6CE2 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=59008a10&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 41ms
40ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a9ca10b7171f569d2d7f9cc5fc1cd2da480e9ddc18774d2ccae403b923aeaf81

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 903

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 666E 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:43 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306723.dop010.wa1.t,1582306723.cds010.wa1.hc,1582306723.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974423
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 666E 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668037
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 666E 159 B
1017 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7b2edd7d34f6aa89f50594de48358985abefd6d7b5f4e190b3958373c79151c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.77:80
AN-X-Request-Uuid: 231aba7d-8563-474d-bd62-300f3bbfb1bb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 666E 150 B
340 B 14ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 8234ab78b3d46dcd75441081ebe8d4d0f9f06245fe77306f86a570416c587611

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:43 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 666E 160 B
1019 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6ca0f0823cceeab7ef2ddb9e32d83d5a412b7705edd2dd07c815c3a3cae2d153

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: 7f46de08-9f5d-4ee6-ae38-ee5434fa7fcb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 666E 44 B
606 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22bb2d83c4%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=bb2d83c4-e911-421f-9816-1ccae2d7a98c&pv=bb2d83c4-e911-421f-9816-1ccae2d7a98c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

af8f7cc208c911bca284f63b0eebb3c0de927b7744ed7fca6fcdf1f4a8150d2b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 666E 20 B
320 B 73ms
73ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=bb2d83c4-e911-421f-9816-1ccae2d7a98c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 666E 0
217 B 39ms
38ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=bb2d83c4&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 109ms
109ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:286,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:279,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:241,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:228,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:309,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=85e467d6653bd4371f5a1582306723778&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:43 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 106ms
106ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:304,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:222,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:249,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:286,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=76818ecef7fddec163961582306723778&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:43 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abbce63548e7eb5b2a5a57572a815d5d55c53b167d12ff016b58604c680627c5

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 895

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 219B 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:43 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306723.dop010.wa1.t,1582306723.cds010.wa1.hc,1582306723.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974423
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 219B 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668037
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 219B 160 B
1019 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8b08951e92307bd3985dc49e742027a86dc5bd9296ffe17e76361ef4f59d1807

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: a81c1466-f603-4de9-bf62-0e31aaff6c74
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 219B 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3560a1051dee35102ae1abcd81a2fd8ce2f7874f5bee222870287f8c252ce769

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:43 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 219B 44 B
606 B 61ms
61ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22574a4bab%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=574a4bab-79ff-4fc9-b62b-d635bfcbe503&pv=574a4bab-79ff-4fc9-b62b-d635bfcbe503&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c86d86aed9ebfe4025bff598b90760bb4e16c7a926138da87ee5abd9aabd9b16

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:43 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 219B 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

819847075c1fc1aad9d30c6b5d379b66d7a881c8655a2789c34ecd42d8095786

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 40b47309-b502-4fd1-90f7-d378b65a56f3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 219B 20 B
320 B 68ms
67ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=574a4bab-79ff-4fc9-b62b-d635bfcbe503-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 219B 0
217 B 40ms
40ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=574a4bab&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 21adcdf66801ec7b37be713a0e4623c84f76ead59950e91e3e40bcae65e6c477

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 915

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 4B32 421 KB
94 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:44 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306724.dop010.wa1.t,1582306724.cds010.wa1.hc,1582306724.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974422
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 4B32 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668038
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4B32 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

853c7fc9b27a0bc5bb71c9468927ceb7887b49cdc521337cc86defdde32f7882

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: 9c781230-aebb-416e-8a8a-be245275321a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 4B32 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: be0a5532cd37a7e946ce66da6ea1d4ebaae41719fe54ca2360b5e9d24fd4d8d4

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:44 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4B32 166 B
1 KB 99ms
99ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f779bc164971ff7ddda210106390fbdfb48dc2fc9f1964308b8b5bc533d0bef1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid: 18c56ca4-4426-4aa7-ba60-16da6a8bb5a5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 4B32 44 B
606 B 39ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22275539c7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=275539c7-b046-4ed5-8baa-c1af27d0e67c&pv=275539c7-b046-4ed5-8baa-c1af27d0e67c&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

19abcf5365dd86718f7e0e3cc12d2fb375dedff4f06b04ba6646f9e1209c9115

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 4B32 20 B
320 B 70ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=275539c7-b046-4ed5-8baa-c1af27d0e67c-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 4B32 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=275539c7&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 02213d56f66067deb0ce5ef504a86e53654d9165da057f5870639d1d668518ee

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 891

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 9981 421 KB
94 KB 43ms
43ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:44 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306724.dop010.wa1.t,1582306724.cds010.wa1.hc,1582306724.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974422
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 118ms
118ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:44 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 9981 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668038
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9981 160 B
863 B 22ms
21ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8d1f64670bb95ed56b35256942d45f9b628726363323f78630c74c123f691288

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.40:80
AN-X-Request-Uuid: 06a03ec7-2973-44d4-a837-ec8b159bc309
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 9981 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: f1d53f96a2a7b97b081f445dd4dd755798a7a2ab3f29c58b8be7d0623cb0d6ca

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:44 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 9981 44 B
671 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e22cab0f%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e22cab0f-da73-477d-ad02-c1b288ad71b3&pv=e22cab0f-da73-477d-ad02-c1b288ad71b3&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

9e32c8e2670082837f98c388ba82e843f00c6143bed7fb99b23e5a9c8a87e5e4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9981 160 B
864 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c6c2e4026be414263f1e3cbe822cf6d92569e0df3624f1fd437a65f4c909d67d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.211:80
AN-X-Request-Uuid: c7bbe1eb-4e23-44b4-a672-4bfc499539e5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 9981 20 B
320 B 73ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=e22cab0f-da73-477d-ad02-c1b288ad71b3-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 9981 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=e22cab0f&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 42ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 22eb50ec6b6b8f8b0bae663299ab9a2a1c9c95ba2e560f9c957accff43c85a5b

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 906

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame DD78 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:44 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306724.dop010.wa1.t,1582306724.cds010.wa1.hc,1582306724.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974422
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame DD78 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668038
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DD78 160 B
863 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a3f1d76e4b08434c61bddf05ce07fe61db8e587000b96ed90032e18295971769

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
AN-X-Request-Uuid: 5324d389-d25b-4f2f-8aef-4bd4e8033c54
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame DD78 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 7de63aa56c8d98c9bebf978e03da1c0991f4c003494ac202667144f24f48aba9

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:44 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame DD78 44 B
606 B 52ms
51ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%226cda22c9%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=6cda22c9-4ba6-4c47-a454-fc6c1d656d4a&pv=6cda22c9-4ba6-4c47-a454-fc6c1d656d4a&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

348eb43a7595852f6122128ab36a0f31f4a148069bc5abdacc7e907b8578b2c2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:44 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame DD78 166 B
1 KB 68ms
68ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

05686e530fd14055f30c4337654427a0639fe5254890d09f2f340c5fc12c644a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.45:80
AN-X-Request-Uuid: 8e4a774b-ab97-4280-be5e-a8ba68202c9a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame DD78 20 B
320 B 70ms
70ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=6cda22c9-4ba6-4c47-a454-fc6c1d656d4a-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame DD78 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=6cda22c9&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9244986e43b9e3ee59d2d60dec0b8cb754b4d169183c6b20e3bdcb26e027384d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 900

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 77CC 421 KB
94 KB 43ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:45 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306725.dop010.wa1.t,1582306725.cds010.wa1.hc,1582306725.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974421
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 77CC 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668039
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 77CC 160 B
1019 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e4a5de8f7313dd55d7c1eb6348c9ac9807407323ace49bebf6777fcaa71d5be3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.185:80
AN-X-Request-Uuid: 4236c440-cf50-4c21-943d-c7d5c1f649e1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 77CC 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 3ffdcd37e3a13d68dbd95764b7ffaa9c1825635f25dbdb48dea7ac7a2d1011cb

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:45 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 77CC 160 B
1019 B 22ms
22ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7425f37d9cd401454e6aad93cda44659932f1fc2c142f6522e2deb83d64718f9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: 4409a96c-c10d-4eac-a3c3-ccb26f2b1d7b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 77CC 44 B
671 B 127ms
127ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22450e9e85%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=450e9e85-6fa2-45ff-b857-7fc712f9fa37&pv=450e9e85-6fa2-45ff-b857-7fc712f9fa37&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

ceaf798e270ef1af13a9f132a81e9f1a0a894f3d88bf90e6f371df5d95430bcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 77CC 20 B
320 B 68ms
66ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=450e9e85-6fa2-45ff-b857-7fc712f9fa37-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 77CC 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=450e9e85&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a0ce4becfca8c2c223d2645dbbb0f5ccff7c3b20ff7b160cdcaf1fd267ab8003

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 899

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 0054 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:45 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306725.dop010.wa1.t,1582306725.cds010.wa1.hc,1582306725.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974421
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 0054 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668039
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0054 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

fe31f4fdc3088026e18db0a51cc62ad793d03dcb051ddaf6f95247f833a9524f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 63ad308c-e21c-490c-90fc-d5f9d6f2efd6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 0054 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: c68c0b1f20d7511930511fbb081df3f8bc0f61b084996fc11e93a341eba98c8d

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:45 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 0054 44 B
606 B 34ms
34ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22e0e8f981%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=e0e8f981-cc36-4271-8e06-c19dbc3ca5b3&pv=e0e8f981-cc36-4271-8e06-c19dbc3ca5b3&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

95f994a2b7d662016d077d99aa0bdcc77c063447289c563e9604b7935101eedd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0054 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

9f91235c74ca0adebc1c3e00e3961b2137808930f2461b891a42a12d536d9c9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: f1af858a-d515-4802-a43a-e84f2e1ab4e2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 0054 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=e0e8f981-cc36-4271-8e06-c19dbc3ca5b3-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 0054 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=e0e8f981&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0f7e96346cb89b583444898163aa64100d3783ae13bc957b21539d2b8f6a1223

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 916

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 5F9D 421 KB
94 KB 42ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:45 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306725.dop010.wa1.t,1582306725.cds010.wa1.hc,1582306725.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974421
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 5F9D 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668039
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5F9D 160 B
1018 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e1e199604af16af5d9960218a5e1b0f4ac4f0329c6a0c55f2a322dc6da23c3a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid: 850ae231-9d7f-4c8a-917f-3947bd700cd6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 5F9D 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: d832f4bd61b18fd9da9a6e66519ad10869aea5e92cc88c57f201a5a0d387524c

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:45 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 5F9D 44 B
606 B 59ms
58ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%2214687db0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=14687db0-b000-4d8e-85a8-e0bce4105534&pv=14687db0-b000-4d8e-85a8-e0bce4105534&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c8a7ffadc434c622b893175b14aa082246bd8b0cdfecab63df8c8373e4a5836c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:45 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5F9D 160 B
1019 B 20ms
20ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8b7bb5ad094e0b9dd4ae0be7ed11b14984bbb839488bb1d172d486950bc0e032

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.143:80
AN-X-Request-Uuid: 8a04ad0f-62af-4b68-8ebb-6709c6c275b3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 5F9D 20 B
320 B 69ms
69ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=14687db0-b000-4d8e-85a8-e0bce4105534-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:45 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 5F9D 0
217 B 40ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=14687db0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff58858b54d917d023f578975b08ce471886fb56669f49ff9b59c4e822a23585

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 923

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame BF1E 421 KB
94 KB 41ms
40ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:46 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306726.dop010.wa1.t,1582306726.cds010.wa1.hc,1582306726.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974420
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame BF1E 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668040
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BF1E 160 B
1019 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

147ec00c2fde33f5c6a9ef8be425ad8ff36ea96b9f3cca328f3ac950a31c0ccc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.207:80
AN-X-Request-Uuid: 853d585b-e875-413a-a9a1-128406a81c72
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame BF1E 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 13cd08056298807682bbc5b52f9ab713697ef8ccd00ddcf06203d615266aadfe

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:46 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame BF1E 44 B
606 B 61ms
60ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22ba9324a0%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=ba9324a0-ac34-4878-81a4-93c090600cf6&pv=ba9324a0-ac34-4878-81a4-93c090600cf6&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1a251fdb4256568593a617088280e12561e55b1af1e16335563df1aa7f022a01

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BF1E 160 B
1018 B 19ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c78a7747634b9ba2280a8157b641b0507c9f2f66559299bbfbccd6833b03b5ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.74:80
AN-X-Request-Uuid: ce021de3-b9a4-4ff4-868c-ef331518d338
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame BF1E 20 B
320 B 67ms
66ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=ba9324a0-ac34-4878-81a4-93c090600cf6-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame BF1E 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=ba9324a0&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
38ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 16fc1b88f3aaecd8398d10a69b9c27dc03cb935ba994646d6cabedc1f1941599

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 910

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame A745 421 KB
94 KB 43ms
42ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:46 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306726.dop010.wa1.t,1582306726.cds010.wa1.hc,1582306726.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974420
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame A745 29 KB
8 KB 17ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668040
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A745 159 B
1017 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e626329faeb06f1fb16d3d63dcb998279712e1ee97e6ef0408267d0f3972fa73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.86:80
AN-X-Request-Uuid: 67b6f286-37df-4c73-aba1-c6e4b43c1093
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame A745 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 1a08bc074d5ed5073ec616bc5142f8b8086f44d4dfbc9b55a9f78e2776833186

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:46 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A745 44 B
606 B 75ms
75ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%22350b33d5%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=350b33d5-b8df-4d47-859a-ca67541d1853&pv=350b33d5-b8df-4d47-859a-ca67541d1853&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

82a1e42ff42a6596e6c17c93ac823cdc63204d346a756a6437b7fb13047715f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A745 159 B
1017 B 30ms
30ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

5997cdd379e0b8ceaec10ce73b3338145782f11bf2ac641bb963704924e98af2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: ba2a10e4-250d-45c1-abf3-03bf41185537
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK c Show response
c.pub.network/ 0
267 B 117ms
116ms XHR
text/plain 35.226.36.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/c
Requested by: Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.226.36.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.36.226.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:46 GMT
Access-Control-Allow-Credentials: true
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame A745 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=350b33d5-b8df-4d47-859a-ca67541d1853-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:46 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame A745 0
217 B 41ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=350b33d5&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
2 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b49563195c16375aae5588a6ba268954e5caaa51cda10ca7b457a26a2fea3858

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 899

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 4F62 421 KB
94 KB 42ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:46 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306726.dop010.wa1.t,1582306726.cds010.wa1.hc,1582306726.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974420
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 120ms
113ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:288,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:240,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:245,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:224,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:368,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=c01f1d57fd243d3536c11582306726779&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:46 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK tracking.png
trk.connatix.com/ Frame 2BB6 0
162 B 121ms
111ms Image
text/plain 52.21.193.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.connatix.com/tracking.png?c_rpobidMeta=[{id:15447,c_wt:264,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:233,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:284,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:243,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22},{id:15447,c_wt:254,c_mt:%22application%2Fjavascript%22,c_rs:%222_%2522NO_FILL%2522_undefined%22}]&cb=73a4194f371eea6aa4e31582306726779&c_pl=d_uu07TFtSURWUvkPIyf9Mq2aydZwR_ypzH4aqGwj0UC33xRY4bgdPPxAQo5ExW9_-2cj0KGWzhG1eiYjK4jS-DuMkj25fflSKOpf74HpOQ3Tk_NUU4PIJSjfw9aw5oooRckk73tBh6r_LlypchkoZKUrupMdlEnagS9EiYSmK_MOaa9ckpnOUaY83i9PhcSDPTNrT3cGc0ry_Y05u_l3Z6x8lOv4xj14xRRIuJk2bMUC05vVKeiSjZMHyPDP8Pb8PpGHZUQGv86ziZ6eZjmmg&c_v=1899_1_0_0_0&p=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporat&xplt=false&spp=1
Requested by: Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.193.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-193-116.compute-1.amazonaws.com
Software: nginx/1.15.9 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 17:38:46 GMT
Server: nginx/1.15.9 (Ubuntu)
Connection: keep-alive
Content-Length: 0

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 4F62 29 KB
8 KB 20ms
19ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668040
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4F62 160 B
863 B 19ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4d01e2075d872ef068e080e074cbc2e5ed636ceeb3602740ec6accb53f087b0f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.14:80
AN-X-Request-Uuid: 6bdcd556-9341-4cd3-9c54-85cb3a61b4d6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 4F62 150 B
340 B 14ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: bd85d75dff70a5b5125fb42888d9eaa958153e37aec4c6316886e55b2c8d0b52

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:46 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4F62 160 B
863 B 20ms
19ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3183e652d3e856b01d3f82623d37c12f5d1c2f688b5f5de2b0af41d7eb8a1490

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:48 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.85:80
AN-X-Request-Uuid: b1da094f-9cf1-44dd-92ba-e141a8111d55
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 4F62 44 B
671 B 39ms
38ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%229195adf3%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=9195adf3-9b3c-4053-95fa-a3d91d9addc3&pv=9195adf3-9b3c-4053-95fa-a3d91d9addc3&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

c5a96c3b9b50f9cac99bce337309bc55f1d6b2dd94f6ed31f8c1fab9e60d4595

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:46 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bc2 Show response
bc-rtb-dub.springserve.com/ Frame 4F62 20 B
320 B 68ms
68ms XHR
application/json 52.18.86.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-rtb-dub.springserve.com/bc2?r=9195adf3-9b3c-4053-95fa-a3d91d9addc3-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.86.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-86-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 21 Feb 2020 17:38:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET bid
c.amazon-adsystem.com/e/dtb/ 0
0

POST auction
prebid.pub.network/openrtb2/ 0
0

POST v1
dmx.districtm.io/b/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=190c506993e37e69;misc=1582306727067;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=191f59fa4106c95d;misc=1582306727067;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ 0
0

GET ADTECH;v=2;cmd=bid;cors=yes;alias=192f9f8ff92c3b59;misc=1582306727067;
adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ 0
0

GET
H2 200 arj Show response
freestar-d.openx.net/w/1.0/ 174 B
436 B 133ms
132ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=6558003c-7ad1-4724-97db-b65aee53590b&nocache=1582306727068&pubcid=42bba9aa-e381-4c7b-853b-9afd254f89f9&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF&auid=540959250&
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: f94d8241e9abcfed0afe73b99bf888490cac4d9914122633e0099f76ade5a962

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:47 GMT
content-encoding: gzip
server: OXGW/16.176.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 37ms
37ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

119e43d6dfdeddd49cbea14901eb62a9f33b38113d65675303cc99613f10f177

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:49 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: 7dc946df-6f3a-46e1-a617-d86dcd878067
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 45ms
44ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

53a2d2a2ac27c1920d2116fe1366984dee12f370fdab643af3f54dee1fb206a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:49 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: 84930bcc-4e23-4262-a031-914601a60c49
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET v1
btlr.sharethrough.com/WYu2BXv1/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

GET cygnus
as-sec.casalemedia.com/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 194 B
384 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 35bd24ee964082c95ac10f00edef3a9700b778858d8c057f4dd00e48dad9cc41

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:47 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 194
expires: 0

GET bid
c.amazon-adsystem.com/e/dtb/ 0
0

POST
H/1.1 200
OK i Show response
vid-io.springserve.com/vd/ Frame 4F62 0
217 B 39ms
39ms XHR
text/plain 54.171.158.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io.springserve.com/vd/i?suuid=9195adf3&ps_id=514171&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.158.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-158-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Date: Fri, 21 Feb 2020 17:38:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 514171 Show response
vid.springserve.com/vast/ Frame 2BB6 2 KB
1 KB 39ms
39ms XHR
application/xml 52.49.142.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/514171?w=640&h=480&cb=&url=bleepingcomputer.com/&schain=
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.142.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-142-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7a6db3d077f3849dbfb6b422d3ddb61c52a577bcc9bfe10e542c9805f3d4ab22

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 17:38:47 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 899

GET
H2 200 vpaid_2d0ef349.js Show response
vpaid.springserve.com/production/ Frame 52A6 421 KB
94 KB 41ms
41ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Requested by: Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: AmazonS3 /
Resource Hash: 9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 17:38:47 GMT
content-encoding: gzip
last-modified: Tue, 14 Jan 2020 17:06:38 GMT
server: AmazonS3
x-amz-request-id: 49FAD6158A43D26F
etag: "53a89f9184b1b0306557f2639fb3f7b7"
x-hw: 1582306727.dop010.wa1.t,1582306727.cds010.wa1.hc,1582306727.cds010.wa1.c
content-type: application/javascript
status: 200
cache-control: max-age=1974419
accept-ranges: bytes
access-control-allow-origin: *
content-length: 96293
x-amz-id-2: KLPzn3SPLJZsvYl5uDM1/UxWNGvOPegQehmBS1kebC4QSWn2YK3EfjoFHwzM2bU8ksI03ZkK+F0=

GET
H2 200 oath-viewability-sdk.js Show response
cdn-ssl.vidible.tv/prod/client-utils/js/ Frame 52A6 29 KB
8 KB 16ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/client-utils/js/oath-viewability-sdk.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 00:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 668041
status: 200
strict-transport-security: max-age=15552000
content-length: 7868
x-amz-id-2: qrPn74Z1OL4UoMTUOq+KCNtboYyntSMyRiMOjH1WpW9HCDKzfeeIxnjg0kZv6DqxEE9lKrrBy/Q=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 Jan 2018 04:39:44 GMT
server: ATS
etag: "f89c71522a28b573b7e8c681892779ce-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6B6D5D9166C2DCED
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: MuMCHfak_fz.RiQjb8ttinJCtw0a9HGU
accept-ranges: bytes
content-type: application/javascript

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 52A6 166 B
1 KB 40ms
40ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1279dd83fcc9ac2d99120a1a0c9d4d5676afa792ac3e3c0f5aaf0f188438f8fb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:49 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid: 16ebe263-35cd-46c4-887a-0ba900761e1d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 52A6 150 B
340 B 13ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: 5fe66a580d484d885130b284009194be966ccfdce050250dd07670b4f4015b09

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 17:38:47 GMT
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: https://www.bleepingcomputer.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 150
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 52A6 44 B
606 B 59ms
59ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker={%226ee989b7%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=6ee989b7-6823-4dfb-aede-571df68e4877&pv=6ee989b7-6823-4dfb-aede-571df68e4877&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

1681e036da133b36a2975b2c3f12efea2e61e70e4af3cc92841518839b07b9dd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:47 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 72
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 52A6 159 B
1017 B 18ms
18ms XHR
application/json 185.33.223.83
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2d0ef349.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

685bfe00b6cd6cc54ff2fc346dda7839638cf6cf8b79153223d6ec42937ea996

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.bleepingcomputer.com/news/security/targeted-phishing-attack-aims-for-well-known-corporate-brands/
Origin: https://www.bleepingcomputer.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 17:38:49 GMT
X-Proxy-Origin: 194.187.251.62; 194.187.251.62; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.74:80
AN-X-Request-Uuid: ab51e4eb-2489-4fb8-b572-b5f37d622983
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.bleepingcomputer.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 159
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET bc2
bc-rtb-dub.springserve.com/ Frame 52A6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.pub.network
URL: https://prebid.pub.network/cookie_sync

Domain: prebid.pub.network
URL: https://prebid.pub.network/openrtb2/auction

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=17caae7274f4b92&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=18481708e9ad49a&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=19bf61d67bb1db5&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=207c7a971618642&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=21f57a926cc3652&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=22f90322e006c64&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=2374b0a0f1922cf&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=24ef6550c5ad282&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=25f59aacdc9e227&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=uo4nuhxJikFrr3o47oeeZPL5&bidId=269be9b7022c8cb&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6f2XVeWT9HhHNo9TDFzKK7JK&bidId=27f5797d3614a3e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: freestar-d.openx.net
URL: https://freestar-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=1db49d2c-a801-4555-8cc6-85a1bf148495%2C4721e6e7-b7e1-492f-b38e-9f822c164518%2Cf9726bd3-0e46-4144-9dc2-4a1e562e45cd%2Cbdc30d72-438d-4300-b88d-9f550bf8cc1a%2Ce13d627e-8d41-4064-939c-3df7864b1874%2Cb66f4494-2086-4529-a170-e781a38d0423&nocache=1582306696801&pubcid=0640060c-2714-4fd6-a453-7957c9c95efa&schain=1.0%2C1!freestar.io%2C535%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600%7C728x90%7C300x250%2C300x600&divIds=bleepingcomputer_728x90_970x90_970x250_320x50_ATF%2Cbleepingcomputer_728x90_970x90_970x250_320x50_BTF%2Cbleepingcomputer_300x250_300x600_160x600_Right_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_2%2Cbleepingcomputer_728x90_320x50_InContent_1%2Cbleepingcomputer_300x250_300x600_160x600_Right_3&auid=540959250%2C540959250%2C540959250%2C540959250%2C540959250%2C540959250&

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=1db49d2c-a801-4555-8cc6-85a1bf148495&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.999674015524578

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=4721e6e7-b7e1-492f-b38e-9f822c164518&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.005450131421006921

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=f9726bd3-0e46-4144-9dc2-4a1e562e45cd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.03741442743204182

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=bdc30d72-438d-4300-b88d-9f550bf8cc1a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6549629789614126

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=e13d627e-8d41-4064-939c-3df7864b1874&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9575180239770247

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=15&alt_size_ids=10&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=b66f4494-2086-4529-a170-e781a38d0423&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.46703602617302487

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2277937fefea5781b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%227871569b3d30e7c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2279d58d926f492f6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2280788d0fb8aca96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22814746fbd48c613%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2282598c76cc8f3aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2283c76efbb348f3b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228493b4f61aac684%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228538eb4cd862d67%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228639f74125515c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2287bbe4ff75f1e41%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22881d2da13e7cbc9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228909abdf5ec5a4e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2290d30ecb8f117f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=3.6.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tmax=1200

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=134527c7ba1d8e01;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=135a0227f0ba3741;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1367f42931a39dd6;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=137adbe6ae5bdd2b;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1388befb0b226403;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13992b22169c7d06;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1408115453091b0c;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=141ebe89ff09fe4b;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=142ca17f741d4318;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=143aa6f33172096d;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=144a4eb918926cb9;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185823/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1451059043dbb439;misc=1582306696810;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185820/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1463eeb9114b2bdf;misc=1582306696810;

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker={%22ec8ede0b%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=ec8ede0b-16b0-4353-af57-fc86a3efef28&pv=ec8ede0b-16b0-4353-af57-fc86a3efef28&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker={%2273681b75%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=73681b75-6da3-4daf-ad30-117c15f1abc4&pv=73681b75-6da3-4daf-ad30-117c15f1abc4&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Domain: apex.go.sonobi.com
URL: https://apex.go.sonobi.com/trinity.json?key_maker={%221614095e%22:%225923ef4d1eab65890133|640x480|f=4%22}&ref=https%3A%2F%2Fbleepingcomputer.com%2F&s=1614095e-4016-4f78-ae9b-8a936fc73379&pv=1614095e-4016-4f78-ae9b-8a936fc73379&vp=tablet&lib_name=prebid&lib_v=pbjs_lite_v1.25.0&us=0

Domain: vid-io.springserve.com
URL: https://vid-io.springserve.com/vd/i?suuid=90410378&ps_id=514171&batch=1

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&pid=ivmCzkKO8aI4D&cb=1&ws=1600x1200&v=7.47.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_728x90_970x90_970x250_320x50_ATF%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-error%22%7D

Domain: prebid.pub.network
URL: https://prebid.pub.network/openrtb2/auction

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185819/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=190c506993e37e69;misc=1582306727067;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185817/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=191f59fa4106c95d;misc=1582306727067;

Domain: adserver-us.adtech.advertising.com
URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11751.1/5185818/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=192f9f8ff92c3b59;misc=1582306727067;

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=WLM6GiL3zdSZQxjuNieepuQJ&bidId=175de12c5f112a4b&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=bDraMWgeoLM4KHJBzFQ8heMv&bidId=176c88f697fb0e0e&consent_required=false&instant_play_capable=true&hbSource=prebid&hbVersion=3.6.0&strVersion=3.2.0&secure=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D&

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=3.6.0&referrer=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tmax=1200

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=393562&v=7.2&r=%7B%22id%22%3A%2218284e78803b868c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22183c8a574c2ec9dd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221846ef53a456fc12%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221856224b988e9487%22%2C%22ext%22%3A%7B%22siteID%22%3A%22393562%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.io%22%2C%22sid%22%3A%22535%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=1006006&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!freestar.io,535,1,,,&rf=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&tk_flint=pbjs_lite_v3.6.0&x_source.tid=6558003c-7ad1-4724-97db-b65aee53590b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8077155065860497

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargeted-phishing-attack-aims-for-well-known-corporate-brands%2F&pid=4sxGtXukEbINC&cb=2&ws=1600x1200&v=7.47.00&t=1000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F15184186%2Fbleepingcomputer_300x250_300x600_160x600_Right_1%22%7D%5D&cfgv=0&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22cmp-error%22%7D

Domain: bc-rtb-dub.springserve.com
URL: https://bc-rtb-dub.springserve.com/bc2?r=6ee989b7-6823-4dfb-aede-571df68e4877-s.514171-d.528021-dc.73340&aid=962&det_d=www.bleepingcomputer.com&det_w=834

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Dependency check failed for Publisher Purpose Legitimate Interest IDs: Publisher Purpose Legitimate Interest IDs must be an array containing only purpose IDs contained in the Publisher Purpose IDs array, the following purpose IDs will be ignored: 1, 4, 5
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v29/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	URL: https://freestar-io.videoplayerhub.com/gallery.js(Line 1) Message: Video gallery initializing
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped
console-api	warning	URL: https://cdns.connatix.com/p/1899/min/connatix.renderer.infeed.min_dc.js(Line 2) Message: AdStopped

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
apex.go.sonobi.com
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.pub.network
cdn-ssl.vidible.tv
cdn.connatix.com
cdn.districtm.io
cdns.connatix.com
ck.connatix.com
cluster-na.cdnjquery.com
confiant-integrations.global.ssl.fastly.net
core.connatix.com
cse.google.com
d.pub.network
dmx.districtm.io
eb2.3lift.com
ecdn.analysis.fi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
i.connatix.com
ib.adnxs.com
pagead2.googlesyndication.com
prebid.pub.network
quantcast.mgr.consensu.org
rtb.connatix.com
s7.addthis.com
s9.addthis.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
slckg-phfiv.ads.tremorhub.com
static.quantcast.mgr.consensu.org
tlx.3lift.com
tpc.googlesyndication.com
trk.connatix.com
u.openx.net
us7.mailchimp.com
v1.addthisedge.com
vendorlist.consensu.org
vid-io.springserve.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
z.moatads.com
adserver-us.adtech.advertising.com
apex.go.sonobi.com
as-sec.casalemedia.com
bc-rtb-dub.springserve.com
btlr.sharethrough.com
c.amazon-adsystem.com
dmx.districtm.io
fastlane.rubiconproject.com
freestar-d.openx.net
hbopenbid.pubmatic.com
prebid.pub.network
tlx.3lift.com
vid-io.springserve.com
104.124.133.20
104.16.190.66
104.20.59.209
104.26.12.6
13.35.253.24
13.35.253.87
143.204.202.117
143.204.202.95
151.101.113.194
151.101.114.217
151.101.13.140
172.217.18.102
178.162.133.150
178.79.175.86
185.33.223.83
185.64.189.112
216.58.207.66
23.210.248.44
23.210.249.83
23.210.249.92
23.210.250.213
23.37.55.184
23.67.139.111
2600:1f18:612b:4264:cb60:d229:2b7e:6919
2600:9000:2057:b800:9:46dc:4700:93a1
2600:9000:2057:d800:9:46dc:4700:93a1
2600:9000:2057:f400:1:af78:4c0:93a1
2606:4700:20::681a:18b
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81e::2003
2a00:1450:4001:824::200e
2a00:1450:4001:825::2008
2a00:1450:4001:825::200a
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
34.225.196.22
34.95.120.147
35.188.71.214
35.226.36.58
50.16.134.22
52.18.86.70
52.21.193.116
52.49.142.168
52.54.227.62
52.57.79.171
54.171.158.217
69.16.175.10
99.86.0.120
00036659b9582555aa0a8cf2358984030c682b5045bcd4d2d74fe765b29e5758
01ed5024d3b2067a5f268cd76d0d521f482879188c26cc6d809ec8cb2f069c8c
02213d56f66067deb0ce5ef504a86e53654d9165da057f5870639d1d668518ee
044dc7fd6e3480e12db420544f9f9baff80b6d8121fe611824f72e33a63f60df
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05686e530fd14055f30c4337654427a0639fe5254890d09f2f340c5fc12c644a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c08e3ba81a0a899a551a554791954c7b40ff431de2c6a206e166617578903d
070a8f5e032b2ed02998921e9ff7786e3789ad80c5b47fb221771e886a2b4e8c
074a75ee11f34d36ebe08193a9680acf82c29fd24a86c434f42c861d66e24579
0a450a92da271041893a519c9b9e1050b2229f74eb83ca5346e76203456d3691
0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614
0be02e60ffdb355e4a3a58d4081fe6fe1c2e89acdc070ac00d4eafc3a6a7d112
0c43dea597eda2cfe1b97b35cae36726fe35e744a79084ad9520b342e0e0f85b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e8d963a284a3d3f5e6dd70bf380a55243eadb68c2639374de3b4b8a6c30e39b
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f7e96346cb89b583444898163aa64100d3783ae13bc957b21539d2b8f6a1223
0fe892cf75dbf4cd9f18730300e35c044a77cb671582ba1304b20e3a3cd5d859
119e43d6dfdeddd49cbea14901eb62a9f33b38113d65675303cc99613f10f177
12476ad8b15c7da2da293fd0f3e983f633c45e7e6396f4af0a548f52c1c9c5f1
1279dd83fcc9ac2d99120a1a0c9d4d5676afa792ac3e3c0f5aaf0f188438f8fb
129e141956f5618959987a187765b6b86a18636fbd7513c7e0d10ff075812f52
12abf9f73572db68f5587e44ef2bd3b2ab90db7b05338f8b34ecbcbbef18e300
12db7168d9ebde8d6bbb26655815ccaf6b01c76b553fcd00b4fb7642004c69f3
13cd08056298807682bbc5b52f9ab713697ef8ccd00ddcf06203d615266aadfe
147ec00c2fde33f5c6a9ef8be425ad8ff36ea96b9f3cca328f3ac950a31c0ccc
1491f9d163d870233275833fa3e50f003405161f121a165707b907c289fe1a23
14e7249f7e402bdbdfe0cfeb6ccbd3b4354f30ec6ff3f135c1144b847e7932d0
15028330643c3606f2b33954b4253e96ac62c388f5a09001120198f3834a1109
154cf86aa3e567aab9a575ee89c1f2fe2f8ab6709e2b01b212359b246ccb9025
155d6f1320008aad28ca1659e9c082e07889a5eb8e5e634598f91897c1f7b019
1681e036da133b36a2975b2c3f12efea2e61e70e4af3cc92841518839b07b9dd
16fc1b88f3aaecd8398d10a69b9c27dc03cb935ba994646d6cabedc1f1941599
16fe297416200c6f32381f40b3ae4d5513f2de451d37f2495c1347d0d068d88e
1712e0c26e80483039d612778473f17a79d5a226fafc09d3d8bb129af4faee02
1778ae1753db90778dd6d87fe1261babcdf932cc66759482f28a5b7a6b01b17c
180f64a6a9f628161c88b6970715d79ee3523a2d7840e6291f449c766f71253d
18a8b59282d0f9dc992826b121d1638f8ce13189178c0041693d8a72c109be62
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19abcf5365dd86718f7e0e3cc12d2fb375dedff4f06b04ba6646f9e1209c9115
19c2bbb5653335bbde74f7c12d54b0edc86db58e95cd52bd79a1f072c0cd5f6c
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
19e1dbba639ba68ceb71cdada9621e11d0aec6edba410971f1937d6cc4935b32
1a08bc074d5ed5073ec616bc5142f8b8086f44d4dfbc9b55a9f78e2776833186
1a251fdb4256568593a617088280e12561e55b1af1e16335563df1aa7f022a01
1a36f0a6f239c7826ac18991fae20560138d016bbd336c5e5156b9ef15ebf523
1a601d2d87e0c3c022b3a867b41316b808ec518621b21a2a72b26a1560db275e
1a910d1809939ab14b9d05a15c1bc8736f2997bc39b37d576264dfa3b70c9b45
1ac342de9769ddc6dca847f0c6293af8724cf9fbef1cadcbf23ce449fc71d56b
1afb078b0ae5d01405463d22c55e32d1469cec5eaf2ffc52ec8fe527b4906a95
1d1af35f53a65f46bf475b1619fd8e7179bc8f23df4ed1ebe80c64d0d2e58fd4
1ec1919c7b1af822d69e238322830fa7fee61e127ddace3e8169bf1c4bcd9640
216b102f3e196a7b7ad74763bcd5ab7e72c66e157d4bf3b492f0651cc3e551f1
21adcdf66801ec7b37be713a0e4623c84f76ead59950e91e3e40bcae65e6c477
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
22eb50ec6b6b8f8b0bae663299ab9a2a1c9c95ba2e560f9c957accff43c85a5b
2327594c7cd9cbd477d337ecd8c78972957d0c9cee949507278155f03ee95a87
23458ab4400bdb14bf1c1ed42695f018b0f8a537be736937a477e624fdf5256f
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
254d59bb57cbf052eb7ec9df366a56483ce9e2887151f455053ad29e0958ab50
2609fd87e8cb3aa43d76477b84ec93f920c50ad2cf58a5b232cba90051bada05
27f79a70fb7878fe2135b5c1dab5cedcc923850a21d4dc0dbfcd11443ef9d46a
2913cda183b0068884ddb1a4eb27014340302ab2ecb1fb3f568af698ce9e3abb
2c61208c6f77d46fe33b1b37f8b089cc62d640f373339bc1bf9519c9b9e62fc3
2c7e0765e094f8dbcf2030303678562dfe59ab5bb282269e0469e11f77762c8e
2ce557bfe9ae0ab6039d8475521b6cd49826181ec380e981ed46acab499111e1
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dbcbccb6ed1d5e6001aa7ca3f20e9cbb480adfac58da2499c29afb3ac5353bc
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
2dffc1a06e3d8170bacc6f1202b5c2ec267f02883ade7681bbbc6f8350db949b
2ec79ed74f55a1a8e3864ced3215c75822cc03a1c3599ef61694f38f8842c8ae
3183e652d3e856b01d3f82623d37c12f5d1c2f688b5f5de2b0af41d7eb8a1490
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
3280244d8f6d0bb8493b793fc6985e261b79adfa3548caaaac6faa096ecf8277
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
331aa207311226338e49a889436e6030d37944d54d0cdaaaabb5a24b995aa3a0
33de09907a0ace6ea19ac47cc786149ed723bd025b32632b989712c2b614ac20
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
3442e41bed4bbedbc95bbd645ea454a0282407e4b361c38592d0f4e2ee97a4b7
348eb43a7595852f6122128ab36a0f31f4a148069bc5abdacc7e907b8578b2c2
34db6c3bdf77583a25ab7f07c755b83d0086878be9d75899dc192cf0fc222912
3560a1051dee35102ae1abcd81a2fd8ce2f7874f5bee222870287f8c252ce769
35bd24ee964082c95ac10f00edef3a9700b778858d8c057f4dd00e48dad9cc41
3656dd4a2eb1e936fa216ffc8c7966068c3cde3495305b979608ef4845a7b1ff
37156fd1c9940a524470a004c74bd8b813bac5fbf039f0f3459cb3be9ab7a32e
37529cb0ee30c7b602d120abc0206b3a184572fb4b11e7fb3baa7fff01dd6ca0
3831f574d7d611ecdd8dd6276a04fd04ecce4cd82fb2c10bdce29a46cd65a1b9
38770ce27de5a228da0f95fc27b81925457524f8f0b102d0e2137175f02f0ec2
3898907ac255d53bf1bc0e6c7e7ae6a131e818970ba5bcd027abaa3badf989c6
398723607f83d608f2ab999cba4a9a9375f508550be79433126f18325d0c505d
3a4921ea23b5e74ba836617ba25cd780f7b5ed3d765f3df9f44e4bc9254ce1b6
3b343a94a1668adc6d85e7693b9fc9bc1ea01dc5d5345fa3218b07d7a5210391
3b6a84a416edfb98ed7608dad8cd26ffd7123e54bce2bb13a4a3394e0b948382
3bfe05e54a95fffc77cbd75a8011da5f16a3c63f8e83113d5d369c57d76b137f
3c5aaaff66d8ee21438e49c9529b1032dd2028a700dfea1df4b643356a00268a
3cb7e8e5922f618b55af6f0aaff98a3ea1b1a0fd2bcd109d5b3bd15e2ab92545
3d9081ae00b571abbc43eca840edce641f1db0ac4bf863421d9c5958099e05be
3e0825e4064a326414596828f14b67862b0d9b2a8d9e12417c92e79f56560826
3e272f6a65a34b8ebef941488cf1001d6e1623141415a0f5ec4aca65a3594a70
3ed31a44acc3f6a72ab3fe1d0beef994ed2632c59e78f19f8d7523bc21559fcb
3f2e7b64013a235c6341a135f4c725c7623ee8e145658a9b8a29cccb694465a0
3f4f894858b12ccef194aa94c8f592a8cca008185ac7612fd3a4c78d18656af1
3ffdcd37e3a13d68dbd95764b7ffaa9c1825635f25dbdb48dea7ac7a2d1011cb
400e7d426d20339562987c6094c26b9e925f928439d6ec13b9d9a6a7c0965860
410cae8789f60d8f933e08a281f060e843bcf82afe38f819e4c01d1762b3bfe8
4118cccc3da0e570e04c5ef085395ed6e78bca5cf628a191bcb2c5aeef459ba9
42576fc1e668b7f8c844787f417bb5551293e8770e88b580e6ec2b3c47f4d9e9
4281986b6a197a976186b989271d56c212506e18f5a480055c599a107eda570c
430245404c03b816d4fd706d8903abffde2173cf34e6336a84592e52d8f84683
4312a1d379cc6de0edaad6168cea4cf2601375cafb2155139f25e7ac86360af2
447fd265cd4912b6286b11b2d6adf4732f27dd2447914416fc23ea725a721a20
447feed7ecdb9ff0a9d1989b533a8be53b4cad398d6e428dc271de64956e0c95
45f8091b16924167e343838c7fe5c372889e789a64b1b2e24d6b6b6809fe338a
46f8d89228d0bb2799a189aa3a5b5e0a88d46e5328e566a34af564f3aeb3e9f6
46fbdf9f32c575ac886278d2103276c55e3e2e0ca13ae03fb152ed6e63683b15
4719d610d09328651636e3798841131926090fb0250fe1537aa9b12be332a42b
4752c7c08ff8dc4f8189305362acfb7c67fa71d9cd5895910cde310632c250d4
47e41d9b79c62b5cab368d5618593369e99a6002e979afe784398e4fa411229d
4c32c02b5f33d186deb806a2aeff21b68a43f32db81f8c7bee8b6a78a220074b
4c72f860d263a55dbdf2adc44bb2f29ba251b28b96a4fe5626f7ed6bef41cc21
4cb55e164641c6b0d742a68730fe4ec46a3d0fad2d4d3d789ada7ad77052ee83
4cf0d88c2433234149425764eb6f5a3451485e4e0c07277d92cc5056d4d20fcb
4cfe73f71fb3a556751fd69fcc74f1a11a21e9e35ab58378ae13245246ac7fc7
4d01e2075d872ef068e080e074cbc2e5ed636ceeb3602740ec6accb53f087b0f
4eb3a58aec789d8c0f7fa649698925e05b4d96b07ff494a63de4c0b0c0f01f93
4eeb4df3522892ea2ec61de6a58e870e8262019f8e3c759c099450cefb589313
4fb182978d7f0625d52381d3a9a430019414a136c1c026bbef0db4d43e21851a
50ab92203105007c64c9c1ebc9899032554d40455aa978fb97ed0bf82489329b
5117f17be4723f54eb3a94cb07730816cccc79624a2a08f11a9968b43b7f749e
5129647826b3f8e2d5c14c20ffc5a9b2b44440125806bf872a919ee00bf42088
52bb68b88422ee62092238d2d4b4b7e17bd14c728f6fcf17ded8422a66f95e45
531e56ff32e01924c598562ea2927321feff7e93cd94eb06da8c94255d1a880b
53a2d2a2ac27c1920d2116fe1366984dee12f370fdab643af3f54dee1fb206a5
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541588a3b6acb1f7c637ee958762788106f7fc4cec988bc3ec348602d0d79c83
5416f2cee07a77980f33d1020a54d7cc30010d7f6ce1a1e26b1546c41b328ccd
54a5f6b6e229bcae1a84f6c08614287d0770c96b7d2cfeffe9da6c6c90df2364
554a09c6d88f9ef3bed220d1bf23c6880f4a914c713598d11d05ed20fa2bf971
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
56d59cd0070b1dabed2459a365733c8bc82f7c6e8162cc528bffdf1fbd75da1e
5891c3b694a4c9e28378ec46c107eb41f6b60c94b2609d153a2d2731b08138a6
59114ae819f73a763f282533482de704e6035f9eb42d6622006f7979917ad280
598fced2dc64cc12870e25256c5070347002bc5e189ebaae12a13146483a68c4
5997cdd379e0b8ceaec10ce73b3338145782f11bf2ac641bb963704924e98af2
59bae69eba5261f1ce89af49ae31335b17964e93a939c03830d7b7b53d8ca288
5a21a4cb857df7159174067df1f947f8b706dc1451c24889a82de8646c8475e5
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5a499bd13a76008d0d7c08f416db4203dbf2f762fbe73bb2ab01f03a079bdc60
5b74d266e8e826958a5e59a4ec4f051334d9ec73d323c3bc28988067030a72b2
5bab2b9a43fed222342ce29326628df0a4df777b847e50d09563dc416faccce5
5bb492068895c1c36d0e0611ba52313206be55df41da4827b5f033774587ddbc
5c1520b103ac61b4d6d7e0d59156d2c0e743bb237d0264a6891099c5ba38f41c
5cc925a803eea0cf13c9dbc56a885d897a93429a7982412fd0bac3653e36936d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d208c168dad30251e30d5d3da0745a33ecce9ade3248320aa0c0d84dedefd0a
5fc86c00269641db9472985e5b72106879354e11d0639cddd733b0798255ddc0
5fe66a580d484d885130b284009194be966ccfdce050250dd07670b4f4015b09
610785c771b1f0bf52920fef087c1d0e64c0c2140114f13bd6da2542581d5b48
61958bb842839bd577f7e68d33088778fd44db4ccedd0031554cb7f61aff8f7d
62921fb36246461fdb81c30e18ad7dba53d74451cdca5684d546deb3df0cfb9e
62e3f604fa5bc27b8dd167b7ac44cfe196d5b436282574d1a5f4ecd232f9cc37
6358c6ea8da1fcf2fc88c991a803c1a5f63b13247d7c546f1e3365ce17ec484d
63a20bf5c2c28fb5b3eee817a7c09f5706d7714ab606ab70a2897f5473e57d8b
63d7628647230d09593dacb9624a635883a5377df73997d8304eee9dfd1ab41d
6584e16ab12779a6481e19db1213b994bf1a55076508217348aeafb0d81b1115
658d82670f53e6e8103d8afd121a7ffd8e31a690449082fb7243687b5d4f2f2b
660ca7b7fdf098a1576cca912c9944766fcaf470838870c9cf19e9ec3b1f26b9
665a84bc1a63086901838ee25646a332bdc323f54617f233d334538671e356e8
66aff1522e84087d9e91ec11610257a785bf9cc413dcaee2a2048bfcc2f27732
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
685bfe00b6cd6cc54ff2fc346dda7839638cf6cf8b79153223d6ec42937ea996
69467d3f6c049914d898ff644873a6292edd5b8d5643a3595e723370f0f92d1d
6978bf2b663a5809f8dd22e6c4c72f1e597831a1a793187106a8c38919eb1eb8
69e3b3bbd5e0bb4497074f74e007d93399a774ff3558bc213c63dfe3a9ac7dbf
6b1e5d87d088e7f39d375ee2390ab2081d40c43fca404b7859326a52122f1865
6bd9996bbb85892eeb2699fb476067382aee1649f3f49f5d8f612432535e662f
6ca0f0823cceeab7ef2ddb9e32d83d5a412b7705edd2dd07c815c3a3cae2d153
6cb16bfae53244a060693698a4884cd6734cebb7f44d9efbd9670701c5fc7ed0
6d23d10111755a12c87198df1c71cce449de31eca9643030c6327a2157f9bd86
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6fdaabf04c137f15f7c938131c1bbe46efccf8ad1ac2e81929829ae857f8ebb6
70a64b4d78fc0547158da6cb98e000f8eee53effa2a8260cd556899fdc5a38ae
71b97599b6393cc1e12f3164c06352c055bd1c31f668899980248dd72ffad911
73883b3f159ef3a32c46f47fa960a8abc3712640168d77f19d6d32365c5a486d
7425f37d9cd401454e6aad93cda44659932f1fc2c142f6522e2deb83d64718f9
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7476feefdf307428d15d427763974a24fa0c6d3495293189f15022138237429a
750b825e61ce62eb95eae9e71d3ef9607387ee6458d90445fa57467be914e3c2
753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96
75944df61aae8b0d6f1baffe27bd455ce9e888492b2fbc3063e94e9f377fe820
760ac76cd0c102d08787e7fd55c0332fa7e2655c9b0a97a2860de8d57bd9a641
7688a9786ea4c66bb1f656e1684fd6c9fcac248bc5b0cf969ad82cf058418e96
7706de76b9b44c34413fe506fcdcd8750ecc68e1c9784ab169b73661fe8d2d90
78353077f95d1e7cd7218b5cff3b3836c27daf02c4c93e15c424b718a14af70d
7880306a50ea0ee4bacd648619702956c1d887ecc3aa7c1cf3cdcb49ac4fa7d2
78a26a4797791ebc3e3a4b52915cdc12e601e577cae47290f26d9781f96f46c7
7983d7b8c3b39f23dffbab7cb5c4b8f66a5afd0d60d5b23088496ad4e574ad59
79ff6a26f7cfe8f359618e554eb624503ddd9f82cef777b7f28a77859ec0c2fc
7a6c104cbe6596403d3970005f12113b10dd150be77bc9b5fd52791ae09af304
7a6db3d077f3849dbfb6b422d3ddb61c52a577bcc9bfe10e542c9805f3d4ab22
7ae3275f8bfdb6b2a4300b5b59f26cf3b15acefb57ca60690f5d235c384638b1
7b2edd7d34f6aa89f50594de48358985abefd6d7b5f4e190b3958373c79151c8
7b3a85efbd8f61e48cde39d3cdd282dbba59e7853194ee75a94fab0a4a0ba044
7bd927e1b42f04b8371fae70efdd01647cd97330cc9c58bb6e2138e10d0c2bd7
7c42933014424dabb2256a0732a9f792559d26ba09a84308c278f52834522f9a
7d4f1867c091c297e6de34e8b3ea56de6de6903fe9be8b082398b6f021d63c27
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7de63aa56c8d98c9bebf978e03da1c0991f4c003494ac202667144f24f48aba9
7e277e6b5dfa033f783e999b9b3a67fda4e863bb0315345d74d6ff60eba84d7c
7e77d6bfbf4f62f165907af074429b77e94c0bc0fe2f2e8478e56c6811c07330
7e7c74d95df84ef3a6be5c4fcde54fae313a04a9bd611059e6a97a23ff09f26f
7e94fbebf526effec4239c82e5435a412d81ffc4bc9bddf13f9aa1170f6d803e
7eeb34eca88eb81908f756c6257073b59ed6813074062c16333ff75db837b95f
7f1f5ebf9669d1793569f0747cc8f1f26d67836fb081668479e5021e768b9ae3
819847075c1fc1aad9d30c6b5d379b66d7a881c8655a2789c34ecd42d8095786
8234ab78b3d46dcd75441081ebe8d4d0f9f06245fe77306f86a570416c587611
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82a1e42ff42a6596e6c17c93ac823cdc63204d346a756a6437b7fb13047715f6
82c7fdbc4d001907e1e5d56cd335af3f0d48e0ffa7f0ad2aa3486ebb1123cb21
82c9003f38df5df49beef5694fece360557bb37b1a36b58e0ec9777dd1ce63e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853c7fc9b27a0bc5bb71c9468927ceb7887b49cdc521337cc86defdde32f7882
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
864a4d18bff5dda81380ec1c76178a00767cb5843d8f25c9c61a82fcd15b0150
867066f9103321a1e0ea6be5839f027653a74893522a92bc274fac8c7f6681cf
8691570f53cd198041c31c21695b7b5122f1d0b8b3bf2edff7d1253a25ee1486
8733e2183f16906b2fa2e58fdab82cf336f249ab71ac1b184470da2dd3c6e29f
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
89d44c7901590acb1c025613d863b54a6b10a58f05ad086c5b569df8f1310eef
8a56e644a617b2d1e4e7d808dfc334a7ea8622979f22999dc9eccd21c61958b3
8a7eb53c5c2b87629a119f70176d03e6938ddc1be887aa22cff8390fa20be353
8b07014144b47fe3041d1900c1660e25c83c485a586206d4a7aabfc7ac0d8782
8b08951e92307bd3985dc49e742027a86dc5bd9296ffe17e76361ef4f59d1807
8b7bb5ad094e0b9dd4ae0be7ed11b14984bbb839488bb1d172d486950bc0e032
8c10d02509bbbec44953f78619569b38b04f3c9e9702c60cf4b357b5c6591705
8ca5d034a0cf40c4565595d2c71ce9b9cdc897c69d72572537bedfbaa8a44823
8d1d64b0c435402981521298a45c35847c7e524e1b84c5b9e1248aff748b9f2f
8d1f64670bb95ed56b35256942d45f9b628726363323f78630c74c123f691288
8d6d7d3c56565498244aeee3d4c6baf4a1ff81c67bf4d8c25f816fde581f94b4
8e6a9c2c1ce7d812f40339bb26499a7d0bcfe60cb70cc524f6d4a4219a4fd475
8f3abeeeb12cb01345e2495f0a41f28628cfed89f21b54fe39305be94149e9c0
8f7be384b0b2f860067e816b30acb596f981c47327787ab9aee287a92e6d80d4
90355ec8b214e00127bdbbc907dd4918b35e503b9ccd23e79fe053be14c9d055
9069b44e203948ca1e581ed344f8836ef2cbf60c85cb89df5fedc34631509e66
914fdeb029f7933054cadd424dd8761c9dbc6d1f17053a7366e2cfaf62df9f63
91648f1382bd4cdec2938dc47e28d9cef63283333fa2ed92dd565078847e842b
91eccc494b2eb83e324d7634cc872e3eec562ada2720998eea09dba0292a7b93
91f56da98ee9959497a4aeecdd0b16a2d12ec8a44ad535133e426028000d2a86
92428941ebe99723a5511e43d09eee74cd0ff63d68a82d2910d14610603f81e4
9244986e43b9e3ee59d2d60dec0b8cb754b4d169183c6b20e3bdcb26e027384d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
945fc7ff0dafc2c5cfe5c8b253fefae6a3f4265e3a37eab7c7a05497a540420c
95f994a2b7d662016d077d99aa0bdcc77c063447289c563e9604b7935101eedd
9613d99baf8cd5c0aa3cd1a824331c2f159050337c57b4b354d2d3418d32fb71
9630d960006b25383f3830b895fa04ffbf170f1f6a8caee1f9665a311ecea5ed
96f2d12f315453f7aa9495aa5ca9e18ef0b55ff31e8127fe3205b4f6b1519934
970b5054c1c59c7055a55aaa6748abfeedfb44923e596ba048d01feb3698a5d6
9796d8b9e828e947aad237707b967b6479144a05bdc608bec393ff64d22764e9
993e0ec9ae859616c7d0dbc8b57cd64567f104c6bc4fe9f63da9b03459d14b0a
9b163e49368f6f883829a3ee1670036950d461a709bd07dd5b2fba2f9c522a38
9b18c2c7604a4b0cb73d1b40e9d39f3a2aaa6d9ec047c479878635cd2f0340f3
9b22f21be9fa4851af90ab644548a2ce77bad23a28d626d2083db4ccb30715a5
9b56f99985c4a748447fc9c685d6bcffa243dbe9f42b45f1e7b3ac2704fb284a
9b60d22a30633e0fb6f4dab8000ad2c2439927868a37cc648be89b6da92d1b06
9b668fd63cc9b73ab4e0efa6cfd227c62c244a95f54a6a98125ab2f869a87f1a
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
9e32c8e2670082837f98c388ba82e843f00c6143bed7fb99b23e5a9c8a87e5e4
9e790d3e4815926db509c0af62ff2f8663db4b54d6fb9c9a54a5988dd7782f1b
9ed8d679e30cfc39aa2a66b7ca90eaa5f92b9e6f70c8732c839253ac829a1dea
9f34320deda66de131958a8423e9fa53e09abf4d0521f4c0cb67b11b6f037b44
9f50f1a76c4977e8e954cbfa115f31777f88c8b02145bd1f8cbb185c16651860
9f85a0f311f0cb2d5cfc9fae8dfefd52b7228c78cfcf3e220a8b152ab165cd05
9f91235c74ca0adebc1c3e00e3961b2137808930f2461b891a42a12d536d9c9d
a0742a1a0f0b3edf4cb5767b30c1728fd01b6e52fd726f5482c1de2377eddd0e
a0ce4becfca8c2c223d2645dbbb0f5ccff7c3b20ff7b160cdcaf1fd267ab8003
a3d845ad7f2b56b21a83bf7610aaa58b5dba40087bd18ef014fcbf21f923cc99
a3f1d76e4b08434c61bddf05ce07fe61db8e587000b96ed90032e18295971769
a4370188e3b8f3641ad43ef72bfa9e8bc5e519da306984c328fc1885d621c470
a48318a5693f53e553b5cf31728f63b87894dee6eb24e296e074a79101989362
a4f14dd3f87737dd610c9e6f356b3524c972c245c2c211821ca27dd7fcdfc1cd
a59183305b5edc165b30e0a9dd7d12e23c07aa0706c8a6e0bea700b772921067
a5fb13ead681567ade849bb165a8caf29dce571f7c7e657abb132b76d86d0709
a6149a13a6d3cddd1c2822f777c5790605e63fd6c9cf8a91a8cb0cab0805dae6
a7e2f99a492d279564603e01c9f7a16727074c48bc717f9ec42336b40c0e94da
a85550f23eef6fceec698f0ffc36ecc907b9d2596ae408449644071ff98f45ad
a8c5be46c8a4a075dbb81757ada7779edca96a639f375a06f09719155324836d
a9ca10b7171f569d2d7f9cc5fc1cd2da480e9ddc18774d2ccae403b923aeaf81
aa1c32964a1315d6f61dbcc34210b0b5e8c96479daac6af29cfb2a6a5dd05e3a
ab12f5be0ef87ea47f0ee5b1d6a34ab46ffb01aca6f9ef4cc397afa5419d9908
ab37c65a71def4d216373b2bdcd51efb1a9d7519a744900f4101f8528c9afe13
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
abbce63548e7eb5b2a5a57572a815d5d55c53b167d12ff016b58604c680627c5
ac2a58f9d55c4642121cfb6f7e213cbc882bbdd75ef171ca8a07ed982ef693ce
aec78106427133d45e31eac825c2517af770d3ec5530ebdad9940e8e88b8480b
af8ed8265d2e6f4b504779e6bb2de959eda8ccde7d70ca3f9c2b9a1596c2735d
af8f7cc208c911bca284f63b0eebb3c0de927b7744ed7fca6fcdf1f4a8150d2b
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b055d1edd7b183745c2466c7b75b85bbeddc9083d291c3c14f1fd31124937e1f
b230ac87604bc11c5fc3cdfe049c9094724b894bbbfe6ff32c97310e52c4e118
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b3498f138f5418bd58413e79e4c0969e618d6f2fee2d9d98c0f4e70a6cbd04ad
b34a48d259e5765f85ba696caab5bbbbd6d6d3004f3edf8431d8ac3bb530088c
b3d2671c1c93a41b5a6d25c59e18ad883f82ce9bea5c2a536533b8758d057327
b49563195c16375aae5588a6ba268954e5caaa51cda10ca7b457a26a2fea3858
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b7b5545d71f021e10006652f3a93de9f5ef13f3090fe5a8ca3557c7ed13562fb
b98f6a5ce66e34aa8219d1208b3534ccb4850e5b530390c7e757ecd62a8e733b
ba465c06c5d97a14eb025f350f3e13a660571debe2831841097479465dc3a3e8
bab886eea220ca75835c0fd196f4ab6ec6d43cb3933eb278b9d0f7bab80cafe9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb33bc2a303b4ca0e473cc89af1b1919d6a1b52f751950fe02bcf97159db6719
bc5cd671d67f8c0dd098bc1ed69087bc08b7c3ce67644a3088c2d0f210514b37
bc780eea2ad4cb837f8d4843dabe81132ff2c0529832d4f424c51c91d25be6db
bd3fea3096ec7ee2ec481daace7e110dfd75188807e97133e7f98f53586e67e1
bd85d75dff70a5b5125fb42888d9eaa958153e37aec4c6316886e55b2c8d0b52
be0a5532cd37a7e946ce66da6ea1d4ebaae41719fe54ca2360b5e9d24fd4d8d4
bf3539aa255ea8538105016528351c891ef554dabf512df8c5965435159a417c
bf967132b3fa51348203d93b4a33b3d9ab76ab896cd8622afeb1cd433cfb3f20
bfc8e65089dc5421d56ecc71a0328eafd4feb2a602503ae5c15bfa3189c02f7e
c04e801c7134d872e0d41c00348c6ee4806f4a86027ec10e6787e502bfba0063
c051c24eb2950d58f2878487153695bc7c04957221482e3ea885cca0babc3590
c3034d0370c5faa09e7a8d7b0c48925afa0371cf17e4827dde23059f56019dae
c3a914afbdddb803f626269f05bf1b3d026e7c8234d935b3e175994dec7e52dd
c47ab623b7ce80082e44fe69c7472846dc99ae4e4e874f0937ea04b4a4f77380
c48202f6f4b2b0ccaa71f714c68ba0541d126b09795bf9acef3b87b9babd9390
c5a5aad4b20b0a3e151b279aafbdfde18f808202b6aecb81828300e9a241070a
c5a96c3b9b50f9cac99bce337309bc55f1d6b2dd94f6ed31f8c1fab9e60d4595
c68c0b1f20d7511930511fbb081df3f8bc0f61b084996fc11e93a341eba98c8d
c6c2e4026be414263f1e3cbe822cf6d92569e0df3624f1fd437a65f4c909d67d
c7190e9fa97993379ac13912fe6659cf0f54184e85c9e2e9e806ed70915ac9a8
c78a7747634b9ba2280a8157b641b0507c9f2f66559299bbfbccd6833b03b5ac
c79571197fd32a0c1ff35c064f2e8775896453b091b0ff87ec0457a204219790
c86d86aed9ebfe4025bff598b90760bb4e16c7a926138da87ee5abd9aabd9b16
c8a7ffadc434c622b893175b14aa082246bd8b0cdfecab63df8c8373e4a5836c
c96d6a23e2f1d83adf628cd7154da6382821eaa8920b60880d2327e375cf802b
c9e727b37a735a7983ea8bdad06a38b246261c239bb80b86cc0ff3663c910adb
cb00af18f8521135295cd4cf8aeda8886dfd351858ca52bbeaacd1f11cfa9cd6
cb1f20f1d663d16beca71a2f9b981c8e8212db3de9a8497a81c73b87de09b285
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceaf798e270ef1af13a9f132a81e9f1a0a894f3d88bf90e6f371df5d95430bcf
ceafd5ec42d22f6d58ce6f3fcb9a9414b753c5eaf940631f1d6e8e8fe5c5b220
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d020fa6036628dd1d6dbf760edc742273359e93119832249bdce332d05d6db4d
d072b333e6271bd46a5c85b2aa8b1b163ae25a717ffc399f2c5b48916bc904e5
d0d2a3bcb34584d100d81ba261567987955473bb45efa15c35f7fe3788a48ef5
d0f32a2aaf3f20f6b2c8227a6211bb3186cc29d6f2afeb18707d5ec999c371c5
d25d8e5290c8cd52e7bd033f3062ed25d89aec6d5f494da7d581c6144a313463
d3754af01f753467f9e757b771901b55301bdf53e3a5489ba9a8a3e7f1782c73
d44b93a0af159f0d547d7ec89e9227a5667ce1171bc630e6fbf79dae0e596e2d
d6726d91652b924807414195306930adeeccbafe41b4fc4e11511a0045072e86
d6aadd6b412d2183cc35497075550f4e16c51fbf798e16812f622fe2bde27eae
d6fa9bf6487fd619d0f2cdddbd707b911f84f013a0d0b52bf2919d207316f5fd
d6fd2d25aaaa144bd88f20e2256ba096884611812e21cf320bb4f28d6f423aba
d73a7a8a375f2e2e865474b719368a2712ded97d564acb3e7e78f08e7196af4e
d832f4bd61b18fd9da9a6e66519ad10869aea5e92cc88c57f201a5a0d387524c
d92223cd1f794bb20f95b01ad4366c5bc9461d07906e13cae2bb395133f9e2f8
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da9897288af905e1697a4d141bcc99c65268214b1097925e08b0c5215ab89f55
db3cd5e69df8b1e12d18ff611f60204b16be2e6e11888497005da136e55e4944
de807e9f5de9efdfcb8596c0807ecd9034413a144c263030d66d11090567868a
dea9630f3bf9f303f85a059980c051da520328a5acc9efc2cae453fce9db6af7
deb52badad3213b8f33b3afe59edcaa014ebda6aea4d2e219c8a22ba69dbd2a5
dedd701c278018b9a6ca9524dca3d0d96c9e9f808e8b53d7a8dfdec091842d6e
e04b963298e3b45923f866928531076a6f44e5348c72da33667f35a33add1885
e085ef8768c0135045e1b782b542237797187b0bf79ad1276a6ecf7f9cbc2dd9
e0972e6dcebb6cf863dc47442bd5397ce4fe6582171ead0a041c3399b7385fdf
e1e199604af16af5d9960218a5e1b0f4ac4f0329c6a0c55f2a322dc6da23c3a5
e2ddb430852cd73fc452805803e561c9fa986e5afd5cd6bfd7b3de2a0fc30ab6
e2e10699dade2381312c430f8117b9e38690a3c7bb85305a9184ad853b20b4ee
e342f17423c55554014e7cf44715340677b5979a014690b90e717204197f68d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447fdd02c699d7b974d193a8c4676532923dede7a7dceb7b0dff5dbddcdb895
e4a5de8f7313dd55d7c1eb6348c9ac9807407323ace49bebf6777fcaa71d5be3
e4a77b13401e36cfd8f7c3f7fab76606e7ba74330a02e0f1f275ee3fa0de6554
e4c843b92e8071882b602ac1bf97ee3021de42c6ea3c495bbb4ec58f205e8516
e5e0f326458e8b8ed839d42a0cf6892df80bf26d7dc7e4f8276a65c41582ab85
e626329faeb06f1fb16d3d63dcb998279712e1ee97e6ef0408267d0f3972fa73
e99fc494f2c90bb4fa47f003d020de7540a6b6edd065aa1d0e35a668079c6e0b
ea397d9a93576816b4d35bb274717929e435938c2a9472261a36562ded7fb77a
ea3ecc6138722bf0615ca2d0b1d4a139a603aad1d5c92c3ed5b79453bb382782
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecbef308fdb35a153dcff1b6bfdfcbdfb8ba333a597000c5e2b7e4662e45a7fb
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ee927c0f8febd54d8dc95a7f74b6aafc749477b15872f5b303162dc477269e34
eee186181877559e303cac7a2b6fd048b24df69ab68278ec1dddf13c3e6e12f3
f1d53f96a2a7b97b081f445dd4dd755798a7a2ab3f29c58b8be7d0623cb0d6ca
f2c8dfd930528a1991f678b8e5359dae6c814e41f1251532dc822a53c315e757
f5209b2ea6c74054b0eedeb2032c5cb739838b4913c414849be2616c6da0df6d
f56c07bd75b0bec96555e655043342a2862c79961358533a3c7b59bd23288b49
f658e58f607d9d747253921ccd88b301bdd12085e11720fd99a1aafa3bd0771a
f6dac89092397e9cc867b833d2d3da307888d0c8781e2353d378c8c69c37af6d
f779bc164971ff7ddda210106390fbdfb48dc2fc9f1964308b8b5bc533d0bef1
f833b4ea1969c7e3ad63c919894c6f0a4ceedaa4cdb6a8616d2f906831d7f75a
f8a52990bbe6892abb730d241570fbfbd2ff2fc707fdd3004c7dba6e843bbae3
f8be1c771ef58a9275da7f0564e035199980ec29df8af2b52206e4db29007122
f94d8241e9abcfed0afe73b99bf888490cac4d9914122633e0099f76ade5a962
f9f70b25f19c23fc490db0116d3b59f8ee97c276c435c4f2dc502fcd46c11949
fb624eb182dd1aace32416024e0abb3f0ed91df37857e7f5dab317640e6fb783
fcb056591fcd425e291aae17220d3ef296699cbe6bb69f417f2345f454b6dbce
fe31f4fdc3088026e18db0a51cc62ad793d03dcb051ddaf6f95247f833a9524f
ff58858b54d917d023f578975b08ce471886fb56669f49ff9b59c4e822a23585

www.bleepingcomputer.com Open in urlscan Pro 104.20.59.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

731 Requests

92 %HTTPS

33 %IPv6

41 Domains

69 Subdomains

53 IPs

6 Countries

8353 kBTransfer

32031 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

731 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209 Public Scan

Screenshot
Live screenshot

Full Image

731
Requests

92 %
HTTPS

33 %
IPv6

41
Domains

69
Subdomains

53
IPs

6
Countries

8353 kB
Transfer

32031 kB
Size

0
Cookies

731 HTTP transactions
5 data transactions