www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bc37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/EVtrMRvMwU
Effective URL:
https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Submission: On April 18 via api (April 18th 2022, 4:02:12 pm UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 56 IPs in 5 countries across 49 domains to perform 161 HTTP transactions. The main IP is 2606:4700::6812:bc37, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.windowscentral.com. The Cisco Umbrella rank of the primary domain is 59551.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.

This is the only time www.windowscentral.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
26	2606:4700::68... 2606:4700::6812:bc37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e031	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.248.33 18.66.248.33	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
28	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
5	2600:9000:231... 2600:9000:2315:8a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.49.221.204 52.49.221.204	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.101.224 143.204.101.224	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.66.114 151.101.66.114	54113 (FASTLY) (FASTLY)
1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	18.66.248.32 18.66.248.32	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.40 143.204.98.40	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	52.50.139.7 52.50.139.7	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:215... 2600:9000:2156:5000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:224... 2600:9000:224a:4200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.215.230.177 52.215.230.177	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
2 6	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
5	52.16.75.86 52.16.75.86	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:6e00:d:5ce3:a4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.121.92.52 3.121.92.52	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	54.36.109.47 54.36.109.47	16276 (OVH) (OVH)
1 2	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
3 5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.211.144.1 35.211.144.1	19527 (GOOGLE-2) (GOOGLE-2)
1 2	3.248.131.63 3.248.131.63	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	() ()
6	141.226.228.48 141.226.228.48	() ()
2	151.101.193.44 151.101.193.44	() ()
12 18	104.79.89.79 104.79.89.79	() ()
1	2600:1f18:612... 2600:1f18:612b:4264:35be:ace0:b22e:18d9	() ()
2 2	185.94.180.125 185.94.180.125	() ()
1	141.226.224.32 141.226.224.32	() ()
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	() ()
1 1	18.134.84.22 18.134.84.22	() ()
2 2	52.210.200.111 52.210.200.111	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3605:9f4c:83a8:7085:a009	() ()
2 2	35.157.46.192 35.157.46.192	() ()
2	173.231.181.122 173.231.181.122	() ()
2	209.54.177.54 209.54.177.54	() ()
161	56

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6812:bc37 (United States)

ASN13335 (CLOUDFLARENET, US)

www.windowscentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f7::5c7b:e031 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-33.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

futureplc-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2315:8a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.221.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-221-204.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-224.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.114 (United States)

ASN54113 (FASTLY, US)

search-api.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-32.dus51.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-40.fra50.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.139.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-139-7.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:5000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.230.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.105 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.16.75.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6e00:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.47 (France)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.132 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.144.1 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 1.144.211.35.bc.googleusercontent.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.131.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-131-63.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (None, )

ASN- ()

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (None, )

ASN- ()

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.79.89.79 (None, ) 12 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:35be:ace0:b22e:18d9 (None, )

ASN- ()

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (None, ) 2 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:1a (None, )

ASN- ()

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.22 (None, ) 1 redirects

ASN- ()

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.200.111 (None, ) 2 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:9f4c:83a8:7085:a009 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.46.192 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.181.122 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.177.54 (None, )

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1059 c2.taboola.com — Cisco Umbrella Rank: 7825 trc.taboola.com 15.taboola.com am-trc-events.taboola.com vidstat.taboola.com wf.taboola.com am-vid-events.taboola.com imprammp.taboola.com am-match.taboola.com sync-t1.taboola.com pips.taboola.com cds.taboola.com	557 KB
26	windowscentral.com www.windowscentral.com — Cisco Umbrella Rank: 59551	277 KB
22	stickyadstv.com 12 redirects ads.stickyadstv.com cdn.stickyadstv.com	293 KB
9	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	20 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2167 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5832 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10095	179 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137	4 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 10837 s.cpx.to — Cisco Umbrella Rank: 2228	7 KB
5	futurecdn.net freyr.futurecdn.net — Cisco Umbrella Rank: 14122 bordeaux.futurecdn.net — Cisco Umbrella Rank: 15504 search-api.fie.futurecdn.net — Cisco Umbrella Rank: 14626	235 KB
4	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	2 KB
4	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 903	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	1 KB
3	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 5497 rm-script.dotmetrics.net — Cisco Umbrella Rank: 7753	5 KB
3	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 4540 g2.gumgum.com — Cisco Umbrella Rank: 1506	39 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1523 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	12 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 510	79 KB
2	amazon-adsystem.com s.amazon-adsystem.com	1 KB
2	adgrx.com cm.adgrx.com	816 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 898	632 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 438	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1463	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1307	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214	18 KB
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3657	33 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 975	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	85 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1133 api.btloader.com — Cisco Umbrella Rank: 1274	7 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	398 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	1013 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net	511 B
1	tremorhub.com taboola-supply-partners.tremorhub.com	183 B
1	exelator.com loadus.exelator.com	93 B
1	bidswitch.net pool.grid-data.bidswitch.net — Cisco Umbrella Rank: 10682	244 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 675	214 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 699	1009 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 77	549 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7579	792 B
1	futurehybrid.tech sommelier.futurehybrid.tech — Cisco Umbrella Rank: 16170	1 KB
1	servebom.com ads.servebom.com — Cisco Umbrella Rank: 12906	369 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 897	2 KB
1	ml314.com ml314.com — Cisco Umbrella Rank: 1582	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	33 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	videoplayerhub.com 1 redirects futureplc-com.videoplayerhub.com — Cisco Umbrella Rank: 18253	538 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1209	5 KB
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 14444	241 KB
1	t.co t.co — Cisco Umbrella Rank: 476	547 B
161	49

	Domain	Requested by
26	www.windowscentral.com	t.co www.windowscentral.com
18	ads.stickyadstv.com	12 redirects vidstat.taboola.com cdn.stickyadstv.com
10	cdn.taboola.com	www.windowscentral.com cdn.taboola.com
7	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
7	trc.taboola.com	cdn.taboola.com
6	sb.scorecardresearch.com	2 redirects widget.perfectmarket.com www.windowscentral.com
5	cm.g.doubleclick.net	3 redirects
5	s.cpx.to	p.cpx.to www.windowscentral.com
5	quantcast.mgr.consensu.org	www.windowscentral.com quantcast.mgr.consensu.org
4	cdn.stickyadstv.com	vidstat.taboola.com cdn.stickyadstv.com
4	match.adsrvr.org	3 redirects am-match.taboola.com
4	rules.quantcount.com	secure.quantserve.com
3	am-vid-events.taboola.com	vidstat.taboola.com
3	www.google-analytics.com	www.windowscentral.com
3	search-api.fie.futurecdn.net	www.windowscentral.com search-api.fie.futurecdn.net
3	use.typekit.net	www.windowscentral.com
2	s.amazon-adsystem.com
2	cm.adgrx.com
2	pm.w55c.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	wf.taboola.com	vidstat.taboola.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.smartadserver.com	1 redirects www.windowscentral.com
2	stats.g.doubleclick.net	www.windowscentral.com
2	g2.gumgum.com	js.gumgum.com
2	ad-delivery.net	www.windowscentral.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	uk-script.dotmetrics.net	www.windowscentral.com
2	secure.quantserve.com	www.windowscentral.com t.co
2	connect.facebook.net	www.windowscentral.com connect.facebook.net
2	securepubads.g.doubleclick.net	www.windowscentral.com securepubads.g.doubleclick.net
2	www.facebook.com	www.windowscentral.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	1f2e7.v.fwmrm.net	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	sync-t1.taboola.com	am-match.taboola.com
1	taboola-supply-partners.tremorhub.com	am-match.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com
1	am-trc-events.taboola.com
1	loadus.exelator.com
1	15.taboola.com	cdn.taboola.com
1	pool.grid-data.bidswitch.net	www.windowscentral.com
1	token.rubiconproject.com	www.windowscentral.com
1	id5-sync.com	www.windowscentral.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rm-script.dotmetrics.net	www.windowscentral.com
1	p1.parsely.com	www.windowscentral.com
1	api.btloader.com	futureplc-com.videoplayerhub.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	ads.servebom.com	bordeaux.futurecdn.net
1	unpkg.com	t.co
1	js.gumgum.com	www.windowscentral.com
1	ml314.com	www.windowscentral.com
1	www.googletagmanager.com	www.windowscentral.com
1	d1z2jf7jlzjs58.cloudfront.net	www.windowscentral.com
1	p.cpx.to	www.windowscentral.com
1	c2.taboola.com	www.windowscentral.com
1	btloader.com	www.windowscentral.com
1	futureplc-com.videoplayerhub.com	1 redirects
1	tags.crwdcntrl.net	www.windowscentral.com
1	a.teads.tv	www.windowscentral.com
1	bordeaux.futurecdn.net	www.windowscentral.com
1	freyr.futurecdn.net	www.windowscentral.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.windowscentral.com
1	t.co
161	74

This site contains links to these domains. Also see Links.

Domain
forums.windowscentral.com
www.thrifter.com
www.androidcentral.com
www.cisa.gov
www.mobilenations.com
www.futureplc.com
admin.androidcentral.com
admin.imore.com
thrifter.com
www.technobuffalo.com
youtube.com
passport.mobilenations.com
www.twitter.com
www.facebook.com
www.youtube.com
instagram.com
yourfuturejob.futureplc.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
windowscentral.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
freyr.futurecdn.net R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
bordeaux.futurecdn.net R3	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-25` - `2022-04-25`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2022-03-25` - `2023-04-23`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
hawk.techradar.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
ads.servebom.com R3	`2022-03-13` - `2022-06-11`	3 months	crt.sh
sommelier.futurehybrid.tech R3	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-25` - `2023-03-07`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-02-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Frame ID: 0B1ECDD566C9873A5FE773417A9EF2EB
Requests: 143 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 2BFBA54A883CD8B3EED6E4F3B9570B01
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 40D482506DE35F7EF2430985F0E953A1
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: B60656221CAD2CBF4EA8701D7EB27C20
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: D5DC02FE3821F90BC40394A3CB968F1C
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 787186A01779A817ECD4D093EB263F08
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows workstations under attack by newly discovered malware | Windows Central

Page URL History Show full URLs

https://t.co/EVtrMRvMwU Page URL
https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

161
Requests

87 %
HTTPS

35 %
IPv6

49
Domains

74
Subdomains

56
IPs

5
Countries

2188 kB
Transfer

8649 kB
Size

40
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://forums.windowscentral.com/?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.thrifter.com//?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.androidcentral.com/best-vpn?utm_source=wp&utm_medium=topicblock&utm_campaign=navigation
Title: Best VPN

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/uscert/ncas/alerts/aa22-103a
Title: joint cybersecurity advisory

Search URL Search Domain Scan URL

URL: https://forums.windowscentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/licensing-reprints/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing and Reprints

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/advertise?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://admin.androidcentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Android Central

Search URL Search Domain Scan URL

URL: https://admin.imore.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: iMore

Search URL Search Domain Scan URL

URL: https://thrifter.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Thrifter

Search URL Search Domain Scan URL

URL: https://www.technobuffalo.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: TechnoBuffalo

Search URL Search Domain Scan URL

URL: http://youtube.com/c/themrmobile?utm_source=wp&utm_medium=drawer&utm_campaign=navigation&sub_confirmation=1
Title: MrMobile

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?u=eNpVUMtuwyAQ_BfuxMY2tb05RuoHNL1bG9i2yBgsIKFV1X8vpLn0Nju789BcIozwHUF0wAJpE0il5RosO0aYZmAfKe0RmibnfMjGaZ-jXCKXAtqD8lvzoHj2YY0Jk_Eu8qvTFDimhGrljrL94tpE5W9UEviGNmOgGiCe_ocum5aV70sZhUpqKdXbPFxcZikE9t00UN8NchrbqVX1blwwFk26WxVF3isolqhqjzpIYNa_mzsWLbDT-eV5efUrFeYC7YOlz90E_NOYUkq2vZh7MZZ1-cBOoVQ2bq0Scfz5BVZKY24,
Title: Log in

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?utm_source=wp&utm_medium=signup&utm_campaign=passport&u=eNpVUM1OxCAQfpfe2UIptmWPm_hcMOq9mYVRSVtoYFY0xncX6l68Tb75_mZAD_o7adHpJqJ1EQ3Nt7g256THSTfvRHvSbZtzPmXnbcjJoKcI68mErb1DLIe4JAJywVwndvMWIwNcIjAL85jXL2ZdMuEDSwLbYM0QsQaIh_-h82ZVxWUpY8Aoq5R5nfrrpIRcMNmNPcquV-PAR24qr9dNcnRYFUXe61AswdQexwXV_80lwnjkcd1cXJ6fHueXsGAhXFw1v6P4ubsIfzJXeikuxSTFUNblCTvG0tr5pUrE-ecXoypkvQ%2C%2C
Title: Sign up

Search URL Search Domain Scan URL

URL: http://www.twitter.com/windowscentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: t

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: f

Search URL Search Domain Scan URL

URL: https://www.youtube.com/wmexperts?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: p

Search URL Search Domain Scan URL

URL: http://instagram.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: i

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/advertising/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/EVtrMRvMwU Page URL
https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://futureplc-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=futureplc-com&upapi=true

Request Chain 76

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650297719022 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650297719022

Request Chain 82

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0&cklb=1

Request Chain 83

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_gid=CAESEMeFM8RWCdPmHLw6rPeESfs&google_cver=1

Request Chain 84

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12542%26ref%3Dhttps%253A%252F%252Ft.co%252F%26url%3Dhttps%253A%252F%252Fwww.windowscentral.com%252Fwindows-workstations-under-attack-newly-discovered-malware%26hn_ver%3D40%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12542%2526ref%253Dhttps%25253A%25252F%25252Ft.co%25252F%2526url%253Dhttps%25253A%25252F%25252Fwww.windowscentral.com%25252Fwindows-workstations-under-attack-newly-discovered-malware%2526hn_ver%253D40%2526fid%253Daee13e30-7ec3-4fb1-8a1d-3eef7689a982 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=2721421729896284876&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&hn_ver=40&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

Request Chain 85

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=d5702c25-577c-4efd-963c-4bee40daafbe&dsp=TTD

Request Chain 86

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

Request Chain 89

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 91

https://bcp.crwdcntrl.net/5/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 131

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=e60f9716-bf30-11ec-a6fe-14e583300106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e60f96b7-bf30-11ec-a6fe-14e583300106&orig=video&us_privacy=1---gdpr=1&

Request Chain 136

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d14fe0c8eb42d26113dca4c4d013a7&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l289f_7087974774718203543 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFNiD15A5mmZvMKCfdkRORg&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=d5702c25-577c-4efd-963c-4bee40daafbe HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADlJE7EuxcAAB-M1Q7G7w&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/d14fe0c8eb42d26113dca4c4d013a7?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-HpsZrlRE2oNQe9KIKQBRKT_ODShtKPRyb1kTIbWU~A HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5aydHb4P1NGtPj5 HTTP 302
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE

Request Chain 140

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

Request Chain 141

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

Request Chain 149

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=1&gdpr_consent=

Request Chain 154

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

Request Chain 156

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

161 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 EVtrMRvMwU
t.co/ 422 B
547 B 149ms
134ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/EVtrMRvMwU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 216
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 16:01:56 GMT
expires: Mon, 18 Apr 2022 16:06:56 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: eed76e74dd8e50a970d47ed2c5f7a4f03bdeb2e57b3b9e437d8c86a2f016cc0e
x-response-time: 128
x-xss-protection: 0

GET
H2 200 Primary Request windows-workstations-under-attack-newly-discovered-malware Show response
www.windowscentral.com/ 140 KB
32 KB 960ms
930ms Document
text/html 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Requested by

Host: t.co
URL: https://t.co/EVtrMRvMwU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cfc36761b65ef043cd4a948c54438b64dcb3e058cc4886c46a4d6c17b94bddf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=21600
cf-cache-status: EXPIRED
cf-ray: 6fde9f3b8bfb9225-FRA
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 16:01:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 18 Apr 2022 16:06:57 GMT
last-modified: Sun, 17 Apr 2022 21:39:20 GMT
link: <https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2021/05/hp-zbook-studio-g8-ports2.jpg>; rel="image_src",<https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware>; rel="canonical",<https://www.windowscentral.com/node/91665>; rel="shortlink"
mn-server-ip: 48
permissions-policy: interest-cohort=()
server: cloudflare
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 hp-zbook-studio-g8-ports2.jpg
www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brb/public/field/image/2021/05/ 35 KB
35 KB 29ms
28ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brb/public/field/image/2021/05/hp-zbook-studio-g8-ports2.jpg
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28183d032afee3e3f6cd4940b084a0f47e74288d5f60d91f11ab9885687b20c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
age: 66157
cf-polished: qual=85, origFmt=jpeg, origSize=66153
content-disposition: inline; filename="hp-zbook-studio-g8-ports2.webp"
content-length: 35684
last-modified: Tue, 11 May 2021 01:49:18 GMT
server: cloudflare
etag: "6099e29e-10269"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 18 May 2022 21:39:21 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f4399199225-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/ 26 KB
26 KB 32ms
7ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
server: nginx
etag: "7d4a321fb4284bed9856c33aee6c065aba0855a7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26392

GET
H2 200 fa-solid-900.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 8 KB
8 KB 27ms
27ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-solid-900.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c

Request headers

Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1837116
etag: "62349f1c-1ff4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f43991c9225-FRA
content-length: 8180
expires: Thu, 28 Apr 2022 09:43:22 GMT

GET
H2 200 mona-icons.ttf
www.windowscentral.com/sites/all/fonts/ 2 KB
2 KB 34ms
34ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/mona-icons.ttf
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c

Request headers

Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:25 GMT
server: cloudflare
age: 1837116
etag: "62349f01-70c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f43991e9225-FRA
content-length: 1804
expires: Thu, 28 Apr 2022 09:43:22 GMT

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 867 KB
241 KB 104ms
50ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d30c76f6c4f12662e2a140e5900c3f0a68776ed72f22d3fd626d6b9b7218d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 3299
x-guploader-uploadid: ADPycdstSFN02PQ2D29dc9qkqLyhkvcEFc9miYOW94Vt72psz49S4AjYfXk7C8FtVjHwELhQX53SYIJ0IZ-g0fdHvj_pRgueU1oT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 14 Apr 2022 17:04:53 GMT
server: cloudflare
etag: W/"1454d9e9f2733e146d781cb6fff2d502"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=H+2eRA==, md5=FFTZ6fJzPhRteBy2//LVAg==
x-goog-generation: 1649955893417392
cache-control: public, max-age=900
x-goog-stored-content-length: 252734
cf-ray: 6fde9f442b9f9a2f-FRA
expires: Mon, 18 Apr 2022 16:16:58 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 69 KB
17 KB 67ms
17ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

b25590ed0eb80f9d4324448b2f2be99e6b7c73affaaed9625d1643826fe218c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 09:43:15 GMT
server: nginx/1.19.0
etag: W/"6242d4b3-11540"
strict-transport-security: max-age=15724800; includeSubDomains
freyr-version: 4.0.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1526
accept-ranges: bytes
content-length: 17557
x-hw: 1650297718.cds291.am5.hn,1650297718.cds290.am5.c

GET
H2 200 js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__0q2wZs_Du6XgivdmkEtGm64iEdYt-B97Ol6Y6U5KYRA__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 194 KB
64 KB 29ms
28ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__0q2wZs_Du6XgivdmkEtGm64iEdYt-B97Ol6Y6U5KYRA__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47574b2437bb834db5f02f5c5e4952fe1a2b6313348dd6cfbcecfaa579f704d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Jan 2022 21:39:00 GMT
server: cloudflare
age: 1837116
etag: W/"61d76174-3aba1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 28 Apr 2022 09:43:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=240545
cf-ray: 6fde9f43991f9225-FRA
cf-bgj: minify

GET
H2 200 js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 21 KB
6 KB 36ms
36ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 22:05:42 GMT
server: cloudflare
age: 1837116
etag: W/"601b1e36-739a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 28 Apr 2022 09:43:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=29594
cf-ray: 6fde9f4399209225-FRA
cf-bgj: minify

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 293 KB
79 KB 86ms
26ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

26b19b50b1459f5c81dafdb46a5b5ec3930f77c1ce9f49df144351ced50f1256

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 12:48:59 GMT
server: nginx/1.19.0
etag: W/"624eddbb-49310"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1650297718.cds086.am5.hn,1650297718.cds278.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
bordeaux-version: 4.20.1
content-length: 80387

GET
H2 200 tr
www.facebook.com/ 44 B
297 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=PageView&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 16:01:58 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
101 B 26ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=ViewContent&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 16:01:58 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 18 KB
5 KB 75ms
16ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9379485b510d404dc953c886c69acc421789b085804b6148d2f30be9f8ff0880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: .c4q720Weuo_WjGTYzrLUxh_yQPz7y2N
content-encoding: br
last-modified: Mon, 04 Apr 2022 09:26:10 GMT
x-amz-request-id: AX0P4XAY0V417QPJ
etag: "640674f5ff78aa716cb34f0cbeaf2d44"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Mon, 18 Apr 2022 16:01:58 GMT
accept-ranges: bytes
content-length: 4724
x-amz-id-2: sFefan8OZYetCi5e7tz5wTj12FIsFYIBz4cctmqTtbsWMMIiZAdp/uKU276LiXy7ya5HwiFQWWg=

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12464/ 38 KB
11 KB 41ms
10ms Script
application/json 18.66.248.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-33.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Apr 2022 08:45:09 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 04:01:36 GMT
server: AmazonS3
age: 26210
etag: W/"60ae9e169e0216122e9d8bf94f8906db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: xpvTHz1QDQFB34rjsU-xQHkyCXDoQpTgFR12IMFrRDzofKPyOER3Uw==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://futureplc-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=futureplc-com&upapi=true

16 KB
6 KB

71ms
24ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=futureplc-com&upapi=true
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067edf7df83e78af3ad8bd0b56325be772f837a5f9cb1f3c2d8a0f3d29da7f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray: 6fde9f44bf7e9ba1-FRA
date: Mon, 18 Apr 2022 16:01:58 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 18 Apr 2022 15:35:16 GMT
server: cloudflare
age: 1494
etag: W/"2d7e1c91196267dbfe3b1e36e0f26e35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSYgEn%2FeOVQ2kJwIOsjvIwGyfFsRpQBj8nP8tcgk0FScilrdqKVKgYQNu33aeZgaeLiDcClLrJQ0Z0D8BfQFdOUYTJl0FGN6luKpN%2B8K1MTvBUvxpkZbg8y2QYHxiesF4twV96sDaQbPDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

Redirect headers

date: Mon, 18 Apr 2022 16:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDX7PYCxPUQs60MLQ0Cg0qvy9Yk9NMTR%2ByUKDmBk5VznD78a7F76ukYYIkodjf%2BLRxoJn4PYqsiJ68cCygxrikBe817QmbOaYGB6uLIf6%2F%2F4d5swK3NAaLQtHBE0KijXaQxhT%2FfLi7hVpUP5w%2BQ3onmnAginwceQb5gdk5%2BP"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=futureplc-com&upapi=true
cache-control: max-age=3600
cf-ray: 6fde9f442ccf922f-FRA
expires: Mon, 18 Apr 2022 17:01:58 GMT

GET
H2 200 glade.js Show response
securepubads.g.doubleclick.net/static/ 53 KB
16 KB 131ms
40ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

25db43cdbafdfcb1e932d48d691a87835d88e898ef6817da85dba40cd3f7b2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16024
x-xss-protection: 0
server: sffe
etag: "1642106280940716"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=1800, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Apr 2022 16:01:58 GMT

GET
H2 200 js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__TInbTdXTj3bp0-SfE_ABqL935JSTUvmeOxcMURwHmxw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 46 KB
14 KB 23ms
22ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__TInbTdXTj3bp0-SfE_ABqL935JSTUvmeOxcMURwHmxw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf5396993e4b7b8e74c4bd348756f51104cc01ce20b5f7a193a45ec47574c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 14:10:28 GMT
server: cloudflare
age: 1837115
etag: W/"61532254-fc7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Thu, 28 Apr 2022 09:43:23 GMT
cache-control: max-age=2678400
cf-polished: origSize=64638
cf-ray: 6fde9f43f9ae9225-FRA
cf-bgj: minify

GET
H2 200 css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
www.windowscentral.com/sites/wpcentral.com/files/advagg_css/ 297 KB
48 KB 37ms
36ms Stylesheet
text/css 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Aug 2021 16:03:53 GMT
server: cloudflare
age: 1837104
etag: W/"611a8c69-4a370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 28 Apr 2022 09:43:34 GMT
cache-control: max-age=2678400
cf-polished: origSize=303984
cf-ray: 6fde9f43f9b29225-FRA
cf-bgj: minify

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mobilenations1-network/ 465 KB
38 KB 33ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c8cdfd1d7371da310ae27deaa68c776b650c6ef9bd3c439951202047d7a76495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: VQP7d3JevNKNP6SF2BZYHUKjliGg_h0g
content-encoding: gzip
age: 2000
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
content-length: 38229
x-amz-id-2: GyEtETofBPHxIHzhyfno7DWCkuYniE97P042x2/aMR/BqoCRzGKC8ELSysIE6fYmOuotgXrj+90=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 15:28:12 UTC
server: nginx
x-timer: S1650297718.413005,VS0,VE1
etag: "2ad4ef3b093c21fa51466aee7bcfa5f824fac507"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: S9ETEGJ73ZX17EKX
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Mon, 18 Apr 2022 16:01:58 GMT
abp: 4
x-cache-hits: 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/ 5 KB
2 KB 51ms
15ms Script
application/javascript 2600:9000:2315:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bd4246cc88ea9a0f90dc318e0ff3c42b4ab6da779c6557f00ca1d5d404408fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Apr 2022 16:01:41 GMT
content-encoding: br
last-modified: Thu, 07 Apr 2022 11:02:22 GMT
server: AmazonS3
age: 17
etag: W/"87b4fb495aec618afd1d86b9dc9387f2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: sgBJJ2c1sqGAXpdF9LN-jGH-xrIPeQZGuWNhcJfvttZsnhpws2N-KA==

GET
H2 200 analytics.js Show response
www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/ 49 KB
20 KB 23ms
23ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c21173e97cdde5579f5144813a24b7e406ad2a6a483da2cd18b864a8d2ecc40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 18:56:28 GMT
server: cloudflare
age: 416985
etag: W/"618ac45c-c41d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Sat, 14 May 2022 20:12:13 GMT
cache-control: max-age=2678400
cf-polished: origSize=50205
cf-ray: 6fde9f43f9b09225-FRA
cf-bgj: minify

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/mobilenations1-windowcentral/ 62 KB
16 KB 28ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/mobilenations1-windowcentral/newsroom.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "1dbadc531dcc54906bcc5f5e1fe01430"
age: 58
x-cache: HIT
content-length: 16437
x-amz-id-2: jJ5hwbDJEXTRTs/PmlQLv9v9nqchMUoso5ioULqNBU4eH4yiJhMLyXFG3sINrYVsSbAkjGcPZOk=
x-served-by: cache-hhn4072-HHN
last-modified: Fri, 04 Sep 2020 23:39:59 GMT
server: AmazonS3
x-timer: S1650297718.440938,VS0,VE1
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding
x-amz-request-id: 4GNSPXDPMZQDP57Y
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 22ms
22ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837130
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f43f9b49225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 l
use.typekit.net/af/027dd4/00000000000000003b9acafa/27/ 26 KB
26 KB 8ms
7ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/027dd4/00000000000000003b9acafa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 00f7d628d0c49b1b0d512c3c56d16cc8d0ac222e7437efea750b584083c053dd

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
server: nginx
etag: "37da2a6b18214f547dbbc4036f830d9caa1b9787"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26676

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 8ms
8ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e031
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e031 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 1x1.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 38 B
266 B 21ms
20ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/1x1.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
age: 412574
cf-polished: origFmt=png, origSize=68
content-disposition: inline; filename="1x1.webp"
content-length: 38
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
etag: "62349f06-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 14 May 2022 21:25:44 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f444a4c9225-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12542/ 2 KB
2 KB 181ms
34ms Script
application/javascript 52.49.221.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12542/px.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.221.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-221-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f42e1cd6c29e600d1e67f3a4a315f29d13875e15ec3c6413eb9b4ec76929b528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:01:58 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 35ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3becb067173cdb743015978d2a1b3133b54a2f3add8250a2b84cb6781a9155bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xk6JgjU7+Z6Ubo0KWT2yxw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: rldIM/068BtPYcSZDlQjbDbEz4QsT6OHoeU7/lR3DzY1+I2bnf1Z/gBoFb1dMtzVocyLltgfQR04kZ7bDNMFsA==
x-fb-trip-id: 686109401
x-fb-content-md5: ad16eedd8099a692859613eac0e1b823
x-frame-options: DENY
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8cbe6111e375525b1e8452d84a3fd9c9"
timing-allow-origin: *
expires: Mon, 18 Apr 2022 16:13:05 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 55ms
7ms Script
application/javascript 143.204.101.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-224.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 08:42:53 GMT
Via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
Age: 26345
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: F5zSq05fGZM5iYJL-KaHDOVtkSbRZd9eWHt5zbgm9snKGeYGbE5QGg==
Expires: Tue, 19 Apr 2022 08:42:53 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 50ms
9ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 16:01:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 152ms
53ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9VHS7

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d57ec2247f33f3c0fa3c1497ef6c8d08ef730c135b1ff4ffaeb2fb8ebb535a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33130
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 16:01:58 GMT

GET
H2 200 mona.js Show response
search-api.fie.futurecdn.net/js/w/es6/ 389 KB
126 KB 51ms
7ms Script
application/javascript 151.101.66.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f507045398a529b76fa0de28f329699590b881503633f2cea95a87013359da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 87
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 128592
x-ftr-expires: Mon, 18 Apr 2022 16:00:28 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:AC18_00000000:01BB_625D8672_1321924:3C1D
last-modified: Wed, 13 Apr 2022 13:10:44 GMT
x-timer: S1650297719.523923,VS0,VE1
etag: "6256cbd4-6120d"
x-served-by: cache-lon4224-LON, cache-hhn4025-HHN
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 59ms
16ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1832022
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:32:24 GMT
age: 1774
x-guploader-uploadid: ADPycdt6cS0VI5qWkHezdCBkAsepEsApbvIAGg1nwumEI9FN-xAX7kaWnoleeAZmRkNGCd4ziJxHoCbNYPYt8X-gz5ZpwpYIzUT9
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: AMS-5232d789
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 services.js Show response
js.gumgum.com/ 101 KB
38 KB 50ms
10ms Script
application/javascript 18.66.248.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-32.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74d4fe26abff96aadb849dea507e94f1d944bfb805ef7e410b5024dea3f6ba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: x2K86VUv8V2AugygglVmCLHCn.JPitub
content-encoding: gzip
etag: W/"1107b8738b70282a38d77bad4b1e2bfa"
age: 1215
x-cache: Hit from cloudfront
x-amz-meta-timing-allow-origin: *
x-amz-meta-access-control-allow-origin: *
last-modified: Thu, 07 Apr 2022 10:25:15 GMT
server: AmazonS3
date: Mon, 18 Apr 2022 15:41:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: m1ybjsx05w2H7G56c6avjl8KauK-5StDV7okA5cn8fkohoOFw7px7Q==

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 8 KB
3 KB 93ms
32ms Script
application/javascript 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?id=5257
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 14ab8336bc0b7a6ad6146a4b555799a72f9fd0391a963c2efa39157af72ff2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA50-C1
etag: "5257...199.2022041816"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: 2P3zML2OSupC_GiYGqFEWRTT52vQf9iA7NntGOwWS14KSnaTN9u8Vw==

GET
H2 200 load.js Show response
widget.perfectmarket.com/mobilenations1-network/ 3 KB
2 KB 206ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: J4XuLknNLAuC7N4qV0D8ae6KQwP3.A6b
content-encoding: gzip
etag: "685ca634ee38daf89f4b9f310d082b34"
age: 100
x-cache: HIT, HIT
content-length: 1106
x-amz-id-2: +e4zLGwe7dK0NvxiMom2nmXgaPElORJEM2D90370e+pfPFEYL2biyWaXIQCYUbjNgVCKw0aXqfk=
x-served-by: cache-sna10739-LGB, cache-hhn4025-HHN
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1650297719.721807,VS0,VE1
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding,,
x-amz-request-id: D8PAZ862XWM8GTPN
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 701 KB
135 KB 8ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 52ff2a623c77412b9c7f27ee7d24bd125b1e3dd37450c45fe373e0627824b9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: a.XepnKhY2ILW._QJ7_BWyOl1ij9P8Wm
content-encoding: br
etag: "f7559ef9aedce359d2c5a06c1b33526e"
age: 26052
x-cache: HIT
content-length: 137923
x-amz-id-2: z1JQkwu7IlXqSBk33KR4qWXJCbiFXtcMesq49XTKHgXehUf6h6QBROAkJEuF+8mT5uJ9w7lm4UU=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 08:46:57 GMT
server: AmazonS3-br
x-timer: S1650297718.499065,VS0,VE0
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding
x-amz-request-id: YMADS9SG9VG0AB14
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 93
x-cache-hits: 25687

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 7ms
7ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=inc_video_ctrl
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1650297718.499152,VS0,VE0
x-served-by: cache-hhn4072-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 web-vitals.js Show response
unpkg.com/web-vitals@2.0.1/dist/ 5 KB
2 KB 63ms
43ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.js?module

Requested by

Host: t.co
URL: https://t.co/EVtrMRvMwU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7193959
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
fly-request-id: 01FT89VAKMJCBVE4T0PCMQP6CK
server: cloudflare
etag: W/"13f0-FB5AIG1d3V3SKXQC+aDRC1j67uc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fde9f44b9ea9208-FRA

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 246ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Apr 2022 16:08:24 GMT

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
369 B 301ms
128ms Fetch
application/json 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: e546a562c0d5844ce9045309c1c8a902dcf2add1f1618904ce967e618024551e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.windowscentral.com
date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 69
x-hw: 1650297718.cds220.am5.hn,1650297718.cds214.am5.sc,1650297718.cds214.am5.p
content-type: application/json

GET
H2 200 config Show response
sommelier.futurehybrid.tech/ 5 KB
1 KB 195ms
30ms Fetch
application/json 52.50.139.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config?r=848&tpl=normal&l=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.139.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-139-7.eu-west-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

fab2e6b042ec3920ace988314188075cf130ec5c8f9892bc8cddf94ac4ed7294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/38/ 179 KB
47 KB 12ms
11ms Script
text/javascript 2600:9000:2315:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:57 GMT
content-encoding: gzip
age: 20
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:09:26 GMT
server: AmazonS3
etag: W/"c29546e2a6954891b2b97d808459afe6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: oT2SegIAU_p2aVXE98QQdGoULpt9dIR0QiOScoWYbmkR_CvPCnO_eg==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 288 KB
82 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c0161655544e3a7a39e4c155636c930d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f1ba51d31b2427887cf5c21231af0b907410b0e125e96646f03d3cf17c7fd4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bPfJYsaYbF2JM8P0TdiwQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84315
x-fb-rlafr: 0
x-fb-debug: PjN/X0wRG/6BNpyn/Yqdbm5gQgwDeVvhKVvGZAU0ajxrWXFnthGdPMLeIAs+sHB2489brqsf/mTsGssU3BtBJA==
x-fb-content-md5: 0bb19ab266a0d64759258763354bfecd
x-frame-options: DENY
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "17bb9ab1ee050ba7f68950a66733225c"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Apr 2023 15:10:34 GMT

GET
H2 200 rules-p-ebutdjFEkjMk-.js Show response
rules.quantcount.com/ 3 B
427 B 114ms
8ms Script
application/javascript 2600:9000:2156:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ebutdjFEkjMk-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:36:18 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
age: 37541
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:03:35 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Wfhpe0w9Qo_9eOApCc4UOGeCeWMzEDA9Ut2QpZ7Bthok342XbyCwOg==

GET
H2 200 rules-p-8bC03lZwjgqy2.js Show response
rules.quantcount.com/ 3 B
427 B 114ms
8ms Script
application/javascript 2600:9000:2156:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8bC03lZwjgqy2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:06:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
age: 39328
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:13 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: wNUlyrKktgVlpgDW9gi13s10qOJLduEo-u8TNhtg4E5D9wVDzpxh1Q==

GET
H2 200 rules-p-uer8ZPXHG8WDU.js Show response
rules.quantcount.com/ 1 KB
1 KB 112ms
7ms Script
application/javascript 2600:9000:2156:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-uer8ZPXHG8WDU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:05:33 GMT
content-encoding: gzip
age: 3390
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 15:45:03 GMT
server: AmazonS3
etag: W/"0c287fb1be55ca2e77fb3cd36cbe5ae8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: goK38Eplxgxm0I4mgvcelfpuruqCXfrbUMqJtIsksB22u850OsiCNA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/windowscentral.com/ 47 KB
18 KB 88ms
8ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/windowscentral.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Apr 2022 04:36:22 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:08:16 GMT
server: nginx
age: 41404
etag: W/"603d1f80-bd33"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: RJKyPhaVa-snugBiQ4qrXIWUnfkpmwYhlweNWxgXqX_bABjBD71AAA==
expires: Tue, 19 Apr 2022 04:31:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 136ms
48ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 86ms
20ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 666705
x-guploader-uploadid: ADPycdvnLhVikQnr_dKg1Dral4cQHqs0HceHte6l1l2bQW9y8r8LGdsGP5QexpduAEkdf-H64XVot3zB-m72gT33tWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B6G%2FYpmCPklPYvZURgYY6nzLX92Gk3PHGwfmcrCNrQojd7hOEQWYyZUZRGgT5m8Sa2bJtux%2FCw%2BZFAF4M7MAaDgvy%2F4uXYNwcEFca0E1%2Bw47C4GZJgnDceOAKetslYssXPi3t%2Bx9hPVDnLCjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6fde9f461d2a925f-FRA
expires: Sun, 10 Apr 2022 23:26:04 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
343 B 85ms
22ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4589224718265199
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 666705
x-guploader-uploadid: ADPycdvnLhVikQnr_dKg1Dral4cQHqs0HceHte6l1l2bQW9y8r8LGdsGP5QexpduAEkdf-H64XVot3zB-m72gT33tWQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9DoIYubUXzCoFQDY4Nx5N7z6fnjGuqp74qOIOyVdHzSOokfBZ%2FYcf1WB%2Ff88wIfHc1ggHLHgZbMEoW7uGkVRvUdS%2BZfBiSnyAH1KriGrcPWP530%2FqfhZ6OQAuPJF%2B9nfji2DUwdJA5Bl00IQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6fde9f461d2b925f-FRA
expires: Sun, 10 Apr 2022 23:26:04 GMT

GET
H2 200 translations.php Show response
search-api.fie.futurecdn.net/ 32 KB
11 KB 8ms
8ms Fetch
application/json 151.101.66.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/translations.php?language=en-US

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f27ead86675e282e4ab4bb981cede9beab7ab1d2e849e42643654cca896c1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-hawk-country
age: 1085
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10731
x-ftr-expires: Mon, 18 Apr 2022 16:03:53 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: HIT, HIT
x-ftr-request-id: 00000000:9012_00000000:01BB_625D8739_A9F037:3941
x-timer: S1650297719.693058,VS0,VE1
x-served-by: cache-lon4221-LON, cache-hhn4025-HHN
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 1

GET
H2 200 logo-future.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 938 B
1 KB 18ms
18ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/logo-future.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
age: 412217
cf-polished: origFmt=png, origSize=2774
content-disposition: inline; filename="logo-future.webp"
content-length: 938
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
etag: "62349f06-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 14 May 2022 21:31:41 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f45ecdb9225-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 fa-brands-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 3 KB
3 KB 21ms
20ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-brands-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1837115
etag: "62349f1c-aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f45ece09225-FRA
content-length: 2724
expires: Thu, 28 Apr 2022 09:43:23 GMT

GET
H2 200 fa-light-300.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
11 KB 20ms
19ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-light-300.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1837115
etag: "62349f1c-29b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f45ece59225-FRA
content-length: 10672
expires: Thu, 28 Apr 2022 09:43:23 GMT

GET
H2 200 fa-regular-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
10 KB 22ms
21ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-regular-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1837115
etag: "62349f1c-27e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fde9f45ece69225-FRA
content-length: 10208
expires: Thu, 28 Apr 2022 09:43:23 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 147ms
9ms XHR
application/json 2600:9000:224a:4200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:36 GMT
content-encoding: br
age: 46883
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 19:52:29 GMT
server: AmazonS3
etag: W/"40af78ddd5428a8827297a3108ff0f96"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: ErQ4DdluPZ.uqNFyIPqTjQ9DZM7Y2Y6Q
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: DUS51-P1
content-type: application/json
x-amz-cf-id: 0ZNlTG6C4seGtIjgeTAuZu1kWZR5cZ5lnYugX0NcSetNGqB5B7FsoA==

GET
H2 200 services Show response
g2.gumgum.com/zones/n6aekmb1/ 422 B
901 B 173ms
38ms XHR
application/json 52.215.230.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/n6aekmb1/services?dp=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&pu=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&ogu=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&rf=https%3A%2F%2Ft.co%2F&r=3.87.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=fd6626bab39ab23d2a3370e8d8131bb318cf204d&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1650297718787&to=0&vpii=false&vph=1200&vpw=1600&gdprApplies=0
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ec8bb84944a8a74ec3871ec6b07796680c6e78ddf663467fca8a56a7cafc4bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
server: nginx
etag: W/"06fd781d25e8161eaab2588270cafb1a5"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
BLOB 200
OK fa585f9c-c8c9-4019-a413-b27f7ce436c7
https://www.windowscentral.com/ 590 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.windowscentral.com/fa585f9c-c8c9-4019-a413-b27f7ce436c7
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e233fa437ca8020631b91098a50cf0752b2c21e79bcaf08f088150f5a10ca0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 603951

GET
H3 200 extra_38.js Show response
securepubads.g.doubleclick.net/static/glade/ 6 KB
2 KB 70ms
31ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade/extra_38.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

aed98a9e46eb03e8f84c07f12241c32a436c87ebf56fc65d7d5ec14ae4f98bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 07:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2404
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 20:36:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Apr 2023 07:29:48 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 223ms
144ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=MzuP4lVq&w=6519085645955072&o=5682682429177856&cv=2.9.157-1-g9c0fea6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&upapi=true
Requested by: Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 16:01:59 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 pmk-201901001.3.js Show response
widget.perfectmarket.com/mobilenations1-network/ 117 KB
32 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: bfUibajn8Hr9uOSWwagmUKVBmPbHEKOs
content-encoding: gzip
etag: "42798c9bd56143345cd9e74dcc5ac1b9"
age: 1144839
x-cache: HIT, HIT
content-length: 32077
x-amz-id-2: n1PDsenK+g6RX5ufYaL9W+/tQ79nFXRP9rL/Ku0FKEGz0JtmZIT+UYrfPCPXf3C7Am+K5dSWq1c=
x-served-by: cache-lax10622-LGB, cache-hhn4025-HHN
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1650297719.872902,VS0,VE0
date: Mon, 18 Apr 2022 16:01:58 GMT
vary: Accept-Encoding,,
x-amz-request-id: D586JZ9CYFNEBBW6
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 60, 3

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 94ms
47ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1845397641&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAIhAAAAAC~&jid=1919281292&gjid=1805958993&cid=549746150.1650297719&tid=UA-1058506-1&_gid=135335262.1650297719&_r=1&_slc=1&cd1=full&cd2=default&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Aw300&cd12=news%2Cwindows&cd13=security&cd14=91665&z=463021794

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:01:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 89ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1845397641&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACAIhBAAAAC~&jid=1852412956&gjid=583550793&cid=549746150.1650297719&tid=UA-4245582-4&_gid=135335262.1650297719&_r=1&_slc=1&cd1=full&cd2=News&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Aw300&cd6=news%2Cwindows&cd7=security&cd8=0&cd9=91665&cd10=242&z=1252593016

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:01:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 393ms
97ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1650297718906&plid=22306962&idsite=windowscentral.com&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&sref=https%3A%2F%2Ft.co%2F&sts=1650297718903&slts=0&title=Windows+workstations+under+attack+by+newly+discovered+malware+%7C+Windows+Central&date=Mon+Apr+18+2022+16%3A01%3A58+GMT%2B0000+(GMT)&action=pageview&pvid=57694111&u=pid%3Db1b8097cabe90a214b00a5d563049c32
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:01:59 GMT
Cache-Control: no-cache
Last-Modified: Monday, 18-Apr-2022 16:01:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 wp.min.css
search-api.fie.futurecdn.net/css/browser/ 5 KB
2 KB 21ms
6ms Stylesheet
text/css 151.101.66.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/css/browser/wp.min.css

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dc039d6499f245fa5df5ef87eec8135ef1afddd555566042560c89dc61b1d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 439
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1669
x-ftr-expires: Mon, 18 Apr 2022 14:13:23 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:E32A_00000000:01BB_625D6D58_ABCEAF:3C1C
last-modified: Wed, 13 Apr 2022 13:10:44 GMT
x-timer: S1650297719.926666,VS0,VE0
etag: "6256cbd4-1310"
x-served-by: cache-lon4244-LON, cache-hhn4081-HHN
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 3

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 30ms
8ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:00:03 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 42918
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 1ZWL8dpR3uXQJdxZddbawWnm2Mn8Fv-ghR3BzlMbrVtnGJrDwr8mWg==

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/38/ 226 KB
55 KB 10ms
10ms Script
text/javascript 2600:9000:2315:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:48:27 GMT
content-encoding: br
age: 812
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:09:37 GMT
server: AmazonS3
etag: W/"d2e44b7f9549a166eb2f13551350fe5e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: GHKSEvu6Td0gWDOf2cYak6Bm7iLv5J0VEQC-wA6jV5uyTsywSje0Ow==

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 1 KB
2 KB 172ms
35ms Script
application/javascript 52.16.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&hn_ver=40&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12542/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

26f577b08a6540a61c159561d36385de56aad1cb843da9986c726a1e0160ffbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 16:01:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1100
Expires: Mon, 21 Mar 2022 12:56:56 UTC

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 288 KB
34 KB 29ms
10ms XHR
application/json 2600:9000:2315:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c19896ac0a9f3d1f75b8dea30ed6dee1114b31efa7b0045a30b043152be802bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:36 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 46883
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 03:00:32 GMT
server: AmazonS3
etag: W/"fedb004d7e74ce252287c73bf6c53cda"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: u-NrfXqO1PjwJ6Yi88DW2cXmajXpRMbveRXNClU4aHAAWYiQX7q80Q==

GET
H2 200 hit.gif
uk-script.dotmetrics.net/ 43 B
1 KB 34ms
33ms Image
image/gif 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uk-script.dotmetrics.net/hit.gif?id=5257&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&dom=www.windowscentral.com&r=1650297718945&pvs=1&pvid=eca23a61-5025-4394-813a-0860efe1b08c&c=false
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:58 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: hmxs7C7SC2pqbOTzsXpf4fe5Wj5zYb5yRF4Jjb8OM93lmYDKV54p0g==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 45ms
7ms Image
image/gif 2600:9000:2057:6e00:d:5ce3:a4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=5257&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&dom=www.windowscentral.com&r=1650297718945&pvs=1&pvid=eca23a61-5025-4394-813a-0860efe1b08c&c=false
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6e00:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 17:10:33 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 10:59:12 GMT
server: AmazonS3
age: 82286
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 807
x-amz-cf-id: 8qVYtAbgPT_EI48akR0MTc3IYYoNThwwAXFBNpJvXv8lAmLDHIAr4A==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
37 KB 37ms
18ms XHR
application/json 2600:9000:2315:8a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f200bcf9261646775132617515f713dadddbc35b310b94026892463adda7dd1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:29 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 46890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 03:00:26 GMT
server: AmazonS3
etag: W/"22688d3780b37d282d121e93bd589f30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: nrUdvqSp8VyCHz1LcSzaBjnvhZRq5dwRxKoucG5sXEkosw_l26phgw==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 31ms
7ms XHR
text/plain 3.121.92.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22uer8ZPXHG8WDU%22%2C%22domain%22%3A%22www.windowscentral.com%22%2C%22publisher%22%3A%22WindowsCentral%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.38%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22Ek5FunZkhCBk40VZyjTGxA%22%2C%22clientTimestamp%22%3A1650297718979%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-o1614zzmi21ddqujajwd%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 16:01:59 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 new Show response
g2.gumgum.com/assets/ 140 B
455 B 44ms
44ms XHR
application/json 52.215.230.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%221ca66869-77e5-4e3d-a494-70084e2095cb%22%2C%22r%22%3A%223.87.12%22%2C%22t%22%3A%22n6aekmb1%22%2C%22rf%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fsites%2Fwpcentral.com%2Ffiles%2Fstyles%2Flarge_wm_brb%2Fpublic%2Ffield%2Fimage%2F2021%2F05%2Fhp-zbook-studio-g8-ports2.jpg%22%2C%22w%22%3A750%2C%22h%22%3A562%2C%22x%22%3A260%2C%22y%22%3A787%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Afalse%2C%22ia%22%3A%22Hp%20Zbook%20Studio%20G8%20Ports%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware%22%7D&bf=fd6626bab39ab23d2a3370e8d8131bb318cf204d&lt=1650297719025&to=0&gdprApplies=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.230.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-230-177.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1483ce188cdfc8c000e5e1072a4761acbb2bef65704c9828c6fddc6af5e0a3b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:59 GMT
content-encoding: gzip
server: nginx
etag: W/"04f479780f762a521e189109809ef0098"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%2...
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%...

43 B
263 B

10ms
9ms

Image
image/gif

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650297719022
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:59 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 43
x-amz-cf-id: XpMFCaR0G3WMcVdtIPQ5CmTNGwVhIUlFd4cpsnHmxCKisaUONsts2A==
x-cache: Miss from cloudfront
content-type: image/gif

Redirect headers

location: /p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650297719022
date: Mon, 18 Apr 2022 16:01:59 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: tRd51zgHuFVITshMTh5u8SSoUSQwzQqTed17G0IyQtcsDXuzCCPHTg==
x-cache: Miss from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4245582-4&cid=549746150.1650297719&jid=1852412956&gjid=583550793&_gid=135335262.1650297719&_u=aGDACAIhBAAAAC~&z=705210829

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 16:01:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1058506-1&cid=549746150.1650297719&jid=1919281292&gjid=1805958993&_gid=135335262.1650297719&_u=aGBAAAIgAAAAAC~&z=135357220

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 16:01:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 2BFB 24 KB
10 KB 8ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.co
URL: https://t.co/EVtrMRvMwU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:01:59 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 16:01:59 GMT

GET
H2 200 rules-p-00TsOkvHvnsZU.js Show response
rules.quantcount.com/ Frame 2BFB 3 B
429 B 7ms
7ms Script
application/javascript 2600:9000:2156:5000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 06:20:26 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
age: 34894
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:30:30 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: nD1LAgSEUPzIIwB0mqdKHmYAfJET6GiGXiGVytjXsh6RC4b1WDQjBA==

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1009 B 62ms
29ms Image
image/gif 54.36.109.47
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=e_cf31c735-4d12-4765-8e78-7a7c17270beb&gdpr=1&gdpr_consent=

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.47 , France, ASN16276 (OVH, FR),

Reverse DNS

p02.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:01:58 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0&cklb=1

0
316 B

16ms
16ms

Image
text/plain

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0&cklb=1
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:01:58 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 18 Apr 2022 16:01:58 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_gid=CAESEMeFM8RWCdPmHLw6rPeESfs&google_cver=1

95 B
804 B

37ms
36ms

Image
image/png

52.16.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_gid=CAESEMeFM8RWCdPmHLw6rPeESfs&google_cver=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

HTTP/1.1

Server

52.16.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 16:01:59 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:01:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982&google_gid=CAESEMeFM8RWCdPmHLw6rPeESfs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12542%26ref%3Dhttps%253A%252F%252Ft.co%252F%26url%3Dhttps%253A%252F%252Fwww.windowscentral.com%252F...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12542%2526ref%253Dhttps%25253A%25252F%25252Ft.co%25252F%2526url%253Dh...
https://s.cpx.to/an_fire?app_nexus_uid=2721421729896284876&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&...

95 B
865 B

35ms
35ms

Image
image/png

52.16.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=2721421729896284876&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&hn_ver=40&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

HTTP/1.1

Server

52.16.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 16:01:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 16:01:59 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:01:59 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f7457522-319c-4022-92d0-7da0e9ff1087
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=2721421729896284876&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&hn_ver=40&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=d5702c25-577c-4efd-963c-4bee40daafbe&dsp=TTD

95 B
876 B

35ms
35ms

Image
image/png

52.16.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=d5702c25-577c-4efd-963c-4bee40daafbe&dsp=TTD

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

HTTP/1.1

Server

52.16.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 16:01:59 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 16:01:59 UTC

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:01:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=d5702c25-577c-4efd-963c-4bee40daafbe&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Daee13e30-7ec3-4fb1-8a1d-3eef7689a982
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

95 B
881 B

36ms
35ms

Image
image/png

52.16.75.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware

Protocol

HTTP/1.1

Server

52.16.75.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-75-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 16:02:01 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 16:02:01 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701&fid=aee13e30-7ec3-4fb1-8a1d-3eef7689a982
date: Mon, 18 Apr 2022 11:03:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
214 B 65ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=253b42a041083e59&gdpr=0
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 400
Bad Request sync
pool.grid-data.bidswitch.net/ 43 B
244 B 639ms
121ms Image
image/gif 35.211.144.1
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.144.1 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 1.144.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:01:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

8ms
7ms

Script
application/javascript

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:58:49 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 192
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: xCnZ_cH4MCVG6OnvcAz1ysABN07LUOYLo3AFanyuFPL_B5ckRTW5aA==

Redirect headers

location: /internal-cs/default/beacon.js
date: Mon, 18 Apr 2022 16:02:00 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: iDOCoJHPl9RaZsbhDWRzt63gws8KvPhE9ZwIdBNgLqO3--bk99_gjg==
x-cache: Miss from cloudfront

GET
H2 204 b2
sb.scorecardresearch.com/ 0
189 B 9ms
9ms Image
text/plain 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=38&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1650297720488&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&c8=Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:00 GMT
via: 1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: Jz7TG3n8X78jGzltr01g99hGoOicvWwKqMoEB0U13rsKy4fHUKobmg==
x-cache: Miss from cloudfront

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/ Frame 40D4
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

163 B
403 B

47ms
47ms

Document
text/html

3.248.131.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://www.windowscentral.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Mon, 18 Apr 2022 16:02:01 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.24.48

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 18 Apr 2022 16:02:01 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=642268536/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.4.68

GET
H2 200 json Show response
trc.taboola.com/mobilenations1-windowcentral/trc/3/ 45 KB
14 KB 494ms
492ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/trc/3/json?tim=16%3A02%3A05.301&lti=inc_video_ctrl&data=%7B%22id%22%3A252%2C%22ii%22%3A%22%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1650272604222%2C%22vi%22%3A1650297725290%2C%22cv%22%3A%2220220418-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22pev%22%3A7295%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22vpi%22%3A%22%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22e%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4464%2C%22nsid%22%3A%22mobilenations1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-ma-01%3Apub%3Dmobilenations1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails%22%2C%22cd%22%3A2028.578125%2C%22mw%22%3A728%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-d%3Apub%3Dmobilenations1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20article%204x2%22%2C%22orig_uip%22%3A%22Below%20article%204x2%22%2C%22cd%22%3A3637.28125%2C%22mw%22%3A1080%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fwindows-workstations-under-attack-newly-discovered-malware%2CBelow%20article%204x2%3Dthumbnails-d%3Apub%3Dmobilenations1-network%3Aabp%3D0%2C%2CMid%20Article%20Thumbnails%3Dthumbs-ma-01%3Apub%3Dmobilenations1-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22inc_video_ctrl%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f013719f9f3fbb547b5a32a6951d353456a14b47898b5e5d50408e8ada61caa

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 486
date: Mon, 18 Apr 2022 16:02:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1650297725.306961,VS0,VE486
x-served-by: cache-hhn4072-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837137
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f726bce9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 cta-component.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 19 KB
6 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d6e18ce277549165b933ee539b5a854350210087bfb007f95a5b4523341b8ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: xnuVlnoku0OhHSTz617jrbA3nAp8.omZ
content-encoding: gzip
etag: "130858347704f16835285c1e7b8a0d2a"
age: 25153
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5411
x-amz-id-2: sHbPryNnnpikaidz9ZIaCtoPHYb1y0iuH/MU0GPF0cWSvpvl6cx9+vZ5M0R1bQttPDH6vpb3SG8=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 09:02:50 GMT
server: AmazonS3
x-timer: S1650297726.837360,VS0,VE0
date: Mon, 18 Apr 2022 16:02:05 GMT
vary: Accept-Encoding
x-amz-request-id: 3N0VPRB1NHQW0JYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 11631

GET
H2 200 tb Show response
15.taboola.com/ 35 KB
10 KB 35ms
34ms XHR
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=mobilenations1-windowcentral&unitType=4&tbloc=&pageType=text&pstn=Mid%20Article%20Thumbnails&uuip=&cisrf=https%3A%2F%2Ft.co%2F&cirf=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&encoded=1&uid=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&variant=-100|493387&callback=TRC.videoTagCallbacks.videoCallback1&cb=1650297725839&tagid=&cntry=DE&platform=1&sesid=7618ea2a1c1ffa49b33e3283fb8ec502&itemid=/windows-workstations-under-attack-newly-discovered-malware&viewid=1650297725290&geolat=&geoing=&deviceifa=&appid=&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ri=e3ecc42b199ac081ce6ebfbbf5802547&appname=&cdb=&gdprApplies=true&rid=&sii=8527795652151390451&oee=true&tpubid=1099492&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=1099489&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fa8156dac4ff382ceb604b37cec5bb752240a6aebcaa18c0032ee6959e3a094

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Apr 2022 16:02:05 GMT
content-encoding: gzip
access-control-allow-origin: https://www.windowscentral.com
machineid: 1444
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4072-HHN
pragma: no-cache
server: nginx
x-timer: S1650297726.842850,VS0,VE28
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 22 KB
6 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6a805640069aed8b4844585d77756384895de297f810b2016099a7285afec3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: FVMXCnSkuO7_jLQ9JX5tYVZuEwOiE9QU
content-encoding: gzip
etag: "96995ae02873eddbbb6981c645baa5fb"
age: 25348
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5730
x-amz-id-2: tGLgaOKy3f/z97R6ZcbdIGUTvO9vvqbYHvVMy6ch5hcK+zTrGTdjmEsQfbX3RcFw1TaLYiNBvrw=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 08:59:35 GMT
server: AmazonS3
x-timer: S1650297726.842698,VS0,VE0
date: Mon, 18 Apr 2022 16:02:05 GMT
vary: Accept-Encoding
x-amz-request-id: X3MTS8SJEFCH0RX2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 10117

GET
H2 200 explore-more.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 21 KB
6 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 488b6aaafa304972f548bd8bb8dd9b9743ca21371de420faec68943964f160bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: JouVPYwACgzMXPo47Igy1Y2FPv4YI9s6
content-encoding: gzip
etag: "57316a6d069cb1c8c3e8fab2aa642339"
age: 25138
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6139
x-amz-id-2: 1SX8Um+m8CAzmxpCJB+w+OC9zbAqrK25Me0o3mpgT8a9qZ5TcsHDIC5jHJ1f3i9S1XXYa8N++Hc=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 09:02:16 GMT
server: AmazonS3
x-timer: S1650297726.845300,VS0,VE0
date: Mon, 18 Apr 2022 16:02:05 GMT
vary: Accept-Encoding
x-amz-request-id: 5TXP6J2FA7K4FKFZ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 3883

GET
H2 200 feed-card-placeholder.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67aca0eb9a298640df1c15671bce15fdbf4ac0b37c74a87d91312aeb702a0703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: Xd.D_ZXIsa6H211gitcWPwX_JXnRV7WL
content-encoding: gzip
etag: "14946efbcf14c3e8d2b28bd6ce128004"
age: 25076
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1513
x-amz-id-2: tuDd8qCTtAPnQ/LGenEQDjcxBVKWNZoKQYI9kMIDfgRXD6kwB8PMAAKB87vRX7XLst6SpXEl/gI=
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 18 Apr 2022 09:02:06 GMT
server: AmazonS3
x-timer: S1650297726.853704,VS0,VE0
date: Mon, 18 Apr 2022 16:02:05 GMT
vary: Accept-Encoding
x-amz-request-id: QXGT0V06EZCRX364
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 10926

GET
H2 204 supply-feature
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
217 B 23ms
22ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/supply-feature?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A02%3A05.841&id=8768&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 16
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297726.887512,VS0,VE16
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837137
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f72fcb49225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 204 /
loadus.exelator.com/load/ 0
93 B 1132ms
1011ms Image
text/plain 18.198.69.109

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=1252&g=8&cpid=15988083&publisher=mobilenations1-windowcentral&ad_id=3172633165&j=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
server: nginx
server-timing: total;dur=1.002
etag: "613a21d2-0"

GET
H2 204 social
am-trc-events.taboola.com/mobilenations1-windowcentral/log/3/ 0
231 B 126ms
14ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/mobilenations1-windowcentral/log/3/social?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware%22%2C%22rref%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Windows%20workstations%20under%20attack%20by%20newly%20discovered%20malware%22%2C%22sec%22%3A%22News%22%2C%22aut%22%3A%5B%22Sean%20Endicott%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fsites%2Fwpcentral.com%2Ffiles%2Fstyles%2Flarge%2Fpublic%2Ffield%2Fimage%2F2021%2F05%2Fhp-zbook-studio-g8-ports2.jpg%22%2C%22v%22%3A15%2C%22ui%22%3A%22%22%2C%22ut%22%3A%22%22%2C%22pw%22%3A%22%22%7D%5D%7D&tim=16%3A02%3A05.936&id=188&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
59 B 20ms
20ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/abtests?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1650297725945%7D&tim=16%3A02%3A05.945&id=6116&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297726.952808,VS0,VE8
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.7.0/ 99 KB
29 KB 10ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b9467aba0de1d1acafd0553282d7da2ba58d3544872ae622d7cf4e992c99374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:05 GMT
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront), 1.1 varnish
age: 1049494
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 28857
x-served-by: cache-hhn4072-HHN
last-modified: Wed, 06 Apr 2022 12:29:49 GMT
server: AmazonS3
x-timer: S1650297726.977501,VS0,VE0
etag: "c2b8a68b1b588800747ff3ff1421208f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Ujo90RZ_JyNhs3STYr5LJdXfbyf5hSiH5ERWxVxw6Q1qRD0LBotVdQ==
x-cache-hits: 46722

GET
H2 204 supply-feature
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
184 B 36ms
25ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/supply-feature?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=16%3A02%3A06.017&id=8321&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 16
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297726.050668,VS0,VE16
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 supply-feature
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
174 B 24ms
17ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/supply-feature?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%7D&tim=16%3A02%3A06.021&id=4448&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297726.052109,VS0,VE9
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 27ms
19ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837138
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f73ddde9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 369ms
367ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=510&height=286&pubid=169497&tagid=953497&crid=6510155&noaop=5&sortOrderType=0&cb=1650297726321&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1388&pt=-967546266&tz=0&viewable=true&ddast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3061955&dpubid=244525&abtst=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mdag_vA!pblc_vE!spa2_vB!t45!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.windowscentral.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 391da2116cb4fdb7beb2702f2217b2e2f448755129460e98e79d2a461e9cdcaf

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
content-encoding: gzip
access-control-allow-origin: https://www.windowscentral.com
machineid: 1429
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4072-HHN
pragma: no-cache
server: nginx
x-timer: S1650297726.342382,VS0,VE308
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 49ms
15ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8088675&crid=6510155&dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&cmcv=&pix=31589837&cb=1650297726318&uv=3165&tms=1650297726318&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mdag_vA!pblc_vE!spa2_vB!t45!t45!ufm&ru=https://t.co/&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1650297717016.4!ts:1650297726318&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
content-length: 0
server: nginx

GET
H2 200 st
imprammp.taboola.com/ 0
53 B 32ms
32ms Image
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8088675&crid=6510155&dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&cmcv=&pix=undefined&cb=1650297726318&uv=3165&tms=1650297726318&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mdag_vA!pblc_vE!spa2_vB!t45!t45!ufm&ru=https://t.co/&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F92F63DF5351387661228982122&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297726.342504,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4072-HHN

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/31_6_5/infra/ 752 KB
130 KB 25ms
7ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 70889b8245e809fc8c9b9d543cc617aa2141fbb173aa1342badfb5b4f59be190

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
age: 197237
x-amz-meta-mtime: 1650100325
x-cache: HIT
x-amz-meta-ctime: 1650100326
x-amz-meta-mode: 33188
content-encoding: br
content-length: 132136
x-amz-id-2: 7nY6HerL1UYXLYEG/vhwcKTrwia78ehR7TTCl7C5ORMdP16NXecoRywcvdcKufVHG3YaaMzQU9c=
x-served-by: cache-hhn4021-HHN
accept-ranges: bytes
last-modified: Sat, 16 Apr 2022 09:12:07 GMT
server: AmazonS3-br
x-timer: S1650297727.721255,VS0,VE0
etag: "59d93b7008120277bb4a31297065e5a9"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: WFVTVVXEE0CJ6QZJ
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 11778

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_6_5/assets/css/ 63 KB
9 KB 7ms
7ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_6_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
age: 197240
x-amz-meta-mtime: 1650100378
x-cache: HIT
x-amz-meta-ctime: 1650100378
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8294
x-amz-id-2: HYXseUoc/nVU66ThFMkqpVJUUhq6t52swN+XvqbZZ4gEHb4dufYTozCZK+8WIBZd8SWjRpLa3jY=
x-served-by: cache-hhn4072-HHN
accept-ranges: bytes
last-modified: Sat, 16 Apr 2022 09:12:59 GMT
server: AmazonS3-br
x-timer: S1650297727.704444,VS0,VE0
etag: "7109a5557051e4983d59fded16204002"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: XSE1NC10AJBKR100
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 41040

GET
H2 204 abtests
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
244 B 15ms
15ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/abtests?route=AM:AM:V&lti=inc_video_ctrl&ri=e3ecc42b199ac081ce6ebfbbf5802547&sd=v2_7618ea2a1c1ffa49b33e3283fb8ec502_093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd_1650297725_1650297725_CGoQ5I1DGOrCo-uDMCABKAEwODib4wlAgooQSNzK2QNQpewQWABgAGiD2JXN5_L01rUBcAA&ui=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd&pi=/windows-workstations-under-attack-newly-discovered-malware&wi=8527795652151390451&pt=text&vi=1650297725290&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22HipLostNoAdjacInFirstWF%22%2C%22type%22%3A%22HipLost%22%2C%22eventTime%22%3A1650297726699%7D&tim=16%3A02%3A06.699&id=5052&llvl=2&cv=20220418-3-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297727.704486,VS0,VE9
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837138
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f789d5e9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 8ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront), 1.1 varnish
age: 377567
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn4072-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1650297727.836470,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: XiPzI3T7-j00LduMNKNm2rmlUDrCpSGT1aq1AjMdveabScX3DbI-Pg==
x-cache-hits: 20215

POST
H2 204 bulk Show response
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
145 B 46ms
46ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/bulk?route=AM%3AAM%3AV&lti=inc_video_ctrl&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Mon, 18 Apr 2022 16:02:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650297727.970420,VS0,VE11
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
720 B 7ms
6ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 2846
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4072-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1650297727.019470,VS0,VE0
date: Mon, 18 Apr 2022 16:02:07 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 93
x-cache-hits: 415

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront), 1.1 varnish
age: 394665
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn4072-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1650297727.322978,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: t1A-OC7FrDGZJC7Tp3c5Te6utmhBjz82_E5tKO0J_wHxk5doBZKsXQ==
x-cache-hits: 48819

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 1591349
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn4072-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1650297727.330166,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 418815

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 23ms
22ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837139
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f7bdb7a9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/ 560 KB
115 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 021b23d6cce7c934afbade06a6a3f058072f99930cc5f6a72038324d00686b18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
via: 1.1 varnish
age: 462660
x-amz-meta-mtime: 1649834988
x-cache: HIT
x-amz-meta-ctime: 1649835002
x-amz-meta-mode: 33188
content-encoding: br
content-length: 117253
x-amz-id-2: vuN9blCG8DpwDCzX9IGXWuewd680dsKQMRpWUqzxXIHzBauHpyNzK5KG8cSaoGvlgWE/MmHldnA=
x-served-by: cache-hhn4072-HHN
accept-ranges: bytes
last-modified: Wed, 13 Apr 2022 07:30:03 GMT
server: AmazonS3-br
x-timer: S1650297727.361709,VS0,VE0
etag: "39efc5b0f48ae414ef8f10d2c35d2e79"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 6H1SBFN2654Q5CZE
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 135473

GET
H2 200 sync Show response
am-match.taboola.com/ Frame B606 742 B
836 B 58ms
16ms Document
text/html 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: https://www.windowscentral.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 18 Apr 2022 16:02:07 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 16ms
15ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=140&cisd=convusmp&cipid=8088675&crid=6510155&dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&cmcv=&pix=&cb=1650297727370&uv=3165&tms=1650297727370&su=&abt=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mdag_vA!pblc_vE!spa2_vB!t45!t45!ufm_vA&ru=https://t.co/&ft=0&unm=WIDGET_ITEM&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:07 GMT
content-length: 0
server: nginx

GET
BLOB 206
Partial Content 7a1e4d35-cd1a-41fb-ac49-1d6e136cc5c3
https://www.windowscentral.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.windowscentral.com/7a1e4d35-cd1a-41fb-ac49-1d6e136cc5c3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content c7ce7a10-8208-4e0a-abc0-cf2e7c985114
https://www.windowscentral.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.windowscentral.com/c7ce7a10-8208-4e0a-abc0-cf2e7c985114
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H/1.1 200
OK 15886015 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 598ms
21ms XHR
application/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/15886015?_fw_gdpr=1&schain=1.0,1!taboola.com,1099492,1,-360034195&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 9f8917ffc7677c77c144d331df0865a5b23e6ba823b1199f7e3c22cf8ee5612f

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:08 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1176
x-sticky-vk: 1650297727926064-594
Expires: Mon, 18 Apr 2022 16:02:08 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 9ms
8ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 98
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: eBvA3Cn7Vmi0RQPvR7kaz9zs14aMYgzx2uA7jWWQOie8bh08mSXjXMH6nljkG1Q4xYusyg4kNp0=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1650297728.818148,VS0,VE0
date: Mon, 18 Apr 2022 16:02:07 GMT
vary: Accept-Encoding
x-amz-request-id: 81KT1GAWAE081RQZ
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 93
x-cache-hits: 214

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 9ms
9ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: 53OKvw2BQarIq1DW0RF8XLcp_dkKr3oX
content-encoding: gzip
etag: "4574ed3f43bc468d4dc39dc39e86297d"
age: 1269
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5298
x-amz-id-2: XEesAgezm8waO2ezFQxspnwwFZU0hmhbKX4/WIevW1IstnLbRypgemH5EwVHwTsFHgBp7Nz/B3k=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 05 Apr 2022 10:34:31 GMT
server: AmazonS3
x-timer: S1650297728.818274,VS0,VE0
date: Mon, 18 Apr 2022 16:02:07 GMT
vary: Accept-Encoding
x-amz-request-id: XJJ3B96FZT0D5SZ0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 93
x-cache-hits: 2004

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B606 70 B
264 B 37ms
36ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:02:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B606 43 B
183 B 346ms
98ms Image
image/gif 2600:1f18:612b:4264:35be:ace0:b22e:18d9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:35be:ace0:b22e:18d9 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B606
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e60f96b7-bf30-11ec-a6fe-14e583300106&orig=video&us_privacy=1---gdpr=1&

0
98 B

16ms
14ms

Script
text/plain

141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e60f96b7-bf30-11ec-a6fe-14e583300106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:08 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13667

Redirect headers

Date: Mon, 18 Apr 2022 16:02:08 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e60f96b7-bf30-11ec-a6fe-14e583300106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
127 B 25ms
6ms XHR
text/plain 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:08 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4021-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 282ms
86ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=093f8e49-90c3-48d4-aa51-66753dde7c1e-tuct95710fd
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 16:02:08 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame D5DC 337 KB
114 KB 685ms
15ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b27976767ef837d2f3c0e8d3c43e2821034cf59b38ea798ec8628f9144ee835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:02:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1650297728.dop119.am5.t,1650297728.cds113.am5.shn,1650297728.cds113.am5.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116268

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame D5DC 25 KB
25 KB 64ms
18ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1650297728828
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:02:08 GMT
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1650297728.dop125.am5.t,1650297728.cds202.am5.shn,1650297728.dop125.am5.t,1650297728.cds215.am5.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1

200
OK

bridge
cm.adgrx.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=d14fe0c8eb42d26113dca4c4d013a7&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l289f_7087974774718203543
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEFNiD15A5mmZvMKCfdkRORg&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=d5702c25-577c-4efd-963c-4bee40daafbe
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AADlJE7EuxcAAB-M1Q7G7w&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/stickyads/d14fe0c8eb42d26113dca4c4d013a7?gdpr=0&gdpr_consent=&gdpr=0
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-HpsZrlRE2oNQe9KIKQBRKT_ODShtKPRyb1kTIbWU~A
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=5aydHb4P1NGtPj5
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE

43 B
408 B

454ms
25ms

Image
image/gif

173.231.181.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Protocol: HTTP/1.1
Server: 173.231.181.122 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:10 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:09 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297729789066-572
Expires: Mon, 18 Apr 2022 16:02:09 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 24ms
24ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837140
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f856c919225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame D5DC 301 B
861 B 22ms
15ms XHR
text/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=15886015&loc=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&gdpr=1&gdpr_consent=
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c06ef681cf2741da51a723919e2b18e813670541aa9ad45a72782231099b8945

Request headers

Accept: application/xml, text/xml
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:08 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1650297728832043-508
Expires: Mon, 18 Apr 2022 16:02:08 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame D5DC 67 B
0 145ms
138ms XHR
application/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=15886015&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1099492%2C1%2C-360034195&vav=097183faac221f0e6c0cc6be06ad7a94&vaviv=573a818cbee5cd305d836d561e3493fd&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.4.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&playerSize=510x286&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:09 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1650297728788063-504
Expires: Mon, 18 Apr 2022 16:02:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

170 B
188 B

44ms
43ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:02:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297728912005-506
Expires: Mon, 18 Apr 2022 16:02:08 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

43 B
556 B

394ms
100ms

Image
image/gif

209.54.177.54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.177.54 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: E5ZF6MF02JVTC4G1APD8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297728753096-543
Expires: Mon, 18 Apr 2022 16:02:08 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 22ms
22ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837140
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f85cd2d9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 24ms
24ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837141
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f863dc29225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 5 KB
3 KB 194ms
194ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=510&height=286&pubid=169497&tagid=953497&crid=6510155&noaop=5&sortOrderType=0&cb=1650297731654&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1388&pt=1599192701&tz=0&viewable=true&ddast=V7a2cCFgOYvfMMoGPFSASYvfMMoGPFSAUAAAAGBgQHG8aczGibEY21WS02w91stphMhsvhZDGZDGHDmJMZbTOisTarxWa4m60Wu8FgsdjMRqMpWDTTZFBQTk-P2WUQFV1vi93hNHvekIWm0-Fz3et1v99d97Sb_L7Px2U3XR5mu8bv9uuedpPf93nr_pav5_QwPf12z1t1N7ksb4Xp9PB43XKX7-x8i5yej9_2srxMbrXD7HtYXnYAAAAAeAAYs1qC-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMAjK1wCA4sCQv-nosltcl59BbzGIXJaD6OG6uCz_AAB4eAABABDAIAEY2G0pAXDBHT4BAAAAAAAAAGD5____jwHYYxuTGfBfb-gBePABeCAqIC1iBAAAAJBbvZl6NKkTKosqAACCdCuAKwCAAMAetPHQMAAAgAAxNc26mF93rcOxBXpY_H6zw67xu10GAAAAAAAAAGD2f_aPJlTElZIWJEKxp_YLCACw9gsIAMCmbgAAbwJwIdeAptPhc93rRXeN3y86glYMBqszoOVmM9zNDgAAAODu____H09Nsy7m113rUA_kZovhymFZODaOmc1hWk48m5VnMtzMLMaVxzWYbC_IQ4qyqdzlsc-imSaDgnJ6eswug6joelvsDqfZc78JW4xWk8lmOZwtF5PBcDQcjfY3EIPBACdisFxOJovJbjVajTbD3Wg2WKBADCZI0aLBZDUaTRaT4Wo0Wc2Wi91ugxStWs1Gm8FwNZvMdrvVcDBcjkY4YYvRajLZLIez5WIyGI6Go9EQYWC5mRlXpuVaOdh41qLhyLRWOFyLtWy2W21GJpdv41i5Ra-P6bnaLQYzkxUP5mN4-GsXLgoGVO1FcJFO1H6L0-yyO0xPv93zWOuedpPf93HZTZeH2SKWaE4W6UR22fdmi-HKYVk4No6ZzWFaTjyblWcy3MwsxpXHNZjsC8vNzLgyLdfKwcazFg1HprXC4VqsZbPdajMyuXwbx8oten1Mz9VuMZiZ_I3ZajBZ7naT1b4xWw0my91ustp3eHxHa8kY8fiUD9-tOrE5DAqXweL9SUyLaXd28Px-R6dO_VIWdUbh5Xv0GhSeg8c0UabEOmtfJiwmrwrHwaCIJYLTRToRvYyni1gieVqkE5Vn5fGYJhPHcrnwGIaLjcu2stgsFptrOJisRruJWKI0XaQTve5pN_l9n7fub_l6Tg_T02_3vFV3k8vyVphOD4_XLXf5zs63yOn5-G0vy8vkVjvMvoflZVH_8SGGq7lksZkrVqu5YrZcJQAAAAAAAACAJcyZNwEAAAA4DWQ0Wk1WywWAMCbXBQYBAAAAAADYtcOCth_VhJ0_5mi_xWl22R2mp9_ueax1T7vJ7_u47KbLw2xlAAjjcObNnglirVbLGgAAQAAbAAAggFs3bwFhVhwAAEBgHAAAAIAc!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3061955&dpubid=244525&abtst=adh5c-1_vA!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mdag_vA!pblc_vE!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.windowscentral.com&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2873939f5091bde07beef62aaad75964e4e2182ad3794b24bd1203fd5660fc6

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 18 Apr 2022 16:02:11 GMT
content-encoding: gzip
access-control-allow-origin: https://www.windowscentral.com
machineid: 1402
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4072-HHN
pragma: no-cache
server: nginx
x-timer: S1650297732.658589,VS0,VE188
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 15886015 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 15ms
15ms XHR
application/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/15886015?_fw_gdpr=1&schain=1.0,1!taboola.com,1099492,1,-360034164&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6d8dc4fe3ce73c45765fb8609bd89e728f7cc44482ccb37505a631ca72ca8bfb

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:11 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1176
x-sticky-vk: 1650297731847012-548
Expires: Mon, 18 Apr 2022 16:02:11 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 7871 337 KB
114 KB 15ms
15ms Script
application/x-javascript 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b27976767ef837d2f3c0e8d3c43e2821034cf59b38ea798ec8628f9144ee835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:02:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1650297728.dop119.am5.t,1650297731.cds113.am5.shn,1650297731.cds113.am5.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116268

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 7871 25 KB
25 KB 17ms
17ms XHR
application/octet-stream 2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1650297731927
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 16:02:11 GMT
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1650297728.dop125.am5.t,1650297728.cds202.am5.shn,1650297731.dop125.am5.t,1650297731.cds215.am5.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET auto-user-sync
ads.stickyadstv.com/ Frame 7871 0
0

GET
H/1.1

200
OK

bridge
cm.adgrx.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=1&gdpr_consent=

43 B
408 B

25ms
25ms

Image
image/gif

173.231.181.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Server: 173.231.181.122 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:11 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-3
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297731800068-533
Expires: Mon, 18 Apr 2022 16:02:11 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837143
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f98baac9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 7871 301 B
861 B 17ms
17ms XHR
text/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=15886015&loc=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&gdpr=1&gdpr_consent=
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c06ef681cf2741da51a723919e2b18e813670541aa9ad45a72782231099b8945

Request headers

Accept: application/xml, text/xml
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:11 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1650297731871055-520
Expires: Mon, 18 Apr 2022 16:02:11 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 7871 67 B
0 116ms
116ms XHR
application/xml 104.79.89.79

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=15886015&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1099492%2C1%2C-360034164&vav=a2ed01577418debfd9b95b35e9973763&vaviv=3fbb2f102832a0a09d42237122ac3fe9&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.4.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-workstations-under-attack-newly-discovered-malware&playerSize=510x286&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.89.79 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:12 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.windowscentral.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1650297731815095-537
Expires: Mon, 18 Apr 2022 16:02:12 GMT

GET user-matching
ads.stickyadstv.com/ Frame 7871 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

170 B
188 B

46ms
46ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 16:02:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:11 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDE0ZmUwYzhlYjQyZDI2MTEzZGNhNGM0ZDAxM2E3&gdpr=1&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297731963011-558
Expires: Mon, 18 Apr 2022 16:02:11 GMT

GET user-matching
ads.stickyadstv.com/ Frame 7871 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

43 B
556 B

102ms
102ms

Image
image/gif

209.54.177.54

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Server

209.54.177.54 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:12 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q59ZY1KP8JHYXZT9VC3Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 16:02:12 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=d14fe0c8eb42d26113dca4c4d013a7&ex=freewheel.tv&gdpr=1&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1650297731906087-506
Expires: Mon, 18 Apr 2022 16:02:12 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837144
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f98fb1b9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:02:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1837144
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fde9f996bce9225-FRA
expires: Thu, 28 Apr 2022 09:43:07 GMT

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
125 B 18ms
18ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_6_5/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.windowscentral.com
date: Mon, 18 Apr 2022 16:02:12 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=1&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=1&_fw_gdpr_consent=

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 11:55:12	Name: muc Value: cc9fa922-53a1-4b66-af91-fec7659153c9
.windowscentral.com/	1970-01-20 19:56:09	Name: _ga Value: GA1.2.549746150.1650297719
.windowscentral.com/	1970-01-20 02:26:24	Name: _gid Value: GA1.2.135335262.1650297719
.www.windowscentral.com/	1970-01-20 11:10:33	Name: usprivacy Value: 1YNN
.servebom.com/	1970-01-20 11:10:33	Name: u Value: A8629CC11FEB42B195F944F8693D613B
.windowscentral.com/	1970-01-20 02:24:57	Name: _gat Value: 1
.windowscentral.com/	1970-01-20 02:24:57	Name: _gat_global Value: 1
www.windowscentral.com/	1970-01-20 04:11:45	Name: h_id Value: A8629CC11FEB42B195F944F8693D613B
.windowscentral.com/	1970-01-20 02:24:59	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware%22%2C%22sref%22:%22https://t.co/%22%2C%22sts%22:1650297718903%2C%22slts%22:0}
.windowscentral.com/	1970-01-20 11:54:21	Name: _parsely_visitor Value: {%22id%22:%22pid=b1b8097cabe90a214b00a5d563049c32%22%2C%22session_count%22:1%2C%22last_session_ts%22:1650297718903}
www.windowscentral.com/	1970-01-20 02:24:59	Name: _tb_sess_r Value: https%3A//t.co/
www.windowscentral.com/	1970-01-20 02:24:59	Name: _tb_t_ppg Value: https%3A//www.windowscentral.com/windows-workstations-under-attack-newly-discovered-malware
.gumgum.com/	1970-01-20 11:10:33	Name: cs Value: true
.gumgum.com/	1970-01-20 03:08:09	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.gumgum.com/	1970-01-20 11:10:33	Name: vst Value: e_cf31c735-4d12-4765-8e78-7a7c17270beb
uk-script.dotmetrics.net/	1970-01-20 02:35:02	Name: AWSALBCORS Value: wFCb8tZ4zb9OpkbDCjfwMJ2meZGiSfjnDYPhIoiVYzeZIIVel2PSlmwQ4vIMvqExGQPV+imFjrg5x31Q2jTDdnBzmz4Orsv2JrC/6qaz7Tz4QLQVf0EnERxCY0DA
.dotmetrics.net/	1970-01-20 11:10:33	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 11:10:33	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=932a1ce8-22ac-4cf5-873b-a9f11a520007&Created=04/18/2022 16:01:58&UserMode=0&guid=8a2e246b-a9c4-45c6-bd22-f1572d0f05b9&ver=1
.scorecardresearch.com/	1970-01-20 19:41:45	Name: UID Value: 10D1bd517412ff2d056d5521650297719
.cpx.to/	1970-01-20 11:10:33	Name: cpSess Value: 253b42a041083e59
.adnxs.com/	1970-01-20 04:34:33	Name: uuid2 Value: 2721421729896284876
.id5-sync.com/	1970-01-20 02:24:58	Name: cf Value:
.id5-sync.com/	1970-01-20 02:24:58	Name: cip Value:
.id5-sync.com/	1970-01-20 02:24:58	Name: cnac Value:
.id5-sync.com/	1970-01-20 02:24:58	Name: car Value:
.id5-sync.com/	1970-01-20 02:24:58	Name: gdpr Value:
.id5-sync.com/	1970-01-20 02:24:58	Name: callback Value:
.smartadserver.com/	1970-01-20 11:53:45	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 11:53:45	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.cpx.to/	1970-01-20 11:10:33	Name: dsp_app_nexus Value: 2721421729896284876#1650297719206
.adsrvr.org/	1970-01-20 11:10:33	Name: TDID Value: d5702c25-577c-4efd-963c-4bee40daafbe
.smartadserver.com/	1970-01-20 11:53:45	Name: pid Value: 2052219375308341716
.adsrvr.org/	1970-01-20 11:10:33	Name: TDCPM Value: CAEYBSABKAIyCwjaq7aB8NfQOhAFOAE.
.cpx.to/	1970-01-20 11:10:33	Name: dsp_TTD Value: d5702c25-577c-4efd-963c-4bee40daafbe#1650297719281
.doubleclick.net/	1970-01-20 11:46:33	Name: IDE Value: AHWqTUkWd54k1K8AuTmRiG3LfSWHn8gEodv1v2WAve1EHkFZHjdXuNdYxTAvnaHsfFc
.cpx.to/	1970-01-20 11:10:33	Name: dsp_dbm Value: CAESEMeFM8RWCdPmHLw6rPeESfs#1650297719364
.pubmatic.com/	1970-01-20 04:34:33	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 04:34:33	Name: KADUSERCOOKIE Value: 68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701
.cpx.to/	1970-01-20 11:10:33	Name: dsp_pubmatic Value: 68BCEDBE-EFBD-48FF-8A6D-B2ECBEA23701#1650297721418
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://pool.grid-data.bidswitch.net/sync?pid=42 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1f2e7.v.fwmrm.net
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
a.teads.tv
ad-delivery.net
ads.servebom.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
bcp.crwdcntrl.net
bordeaux.futurecdn.net
btloader.com
c2.taboola.com
cdn.parsely.com
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
freyr.futurecdn.net
futureplc-com.videoplayerhub.com
g2.gumgum.com
id5-sync.com
image2.pubmatic.com
imprammp.taboola.com
js.gumgum.com
loadus.exelator.com
match.adsrvr.org
match.prod.bidr.io
ml314.com
p.cpx.to
p1.parsely.com
pips.taboola.com
pm.w55c.net
pool.grid-data.bidswitch.net
pr-bh.ybp.yahoo.com
quantcast.mgr.consensu.org
rm-script.dotmetrics.net
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
sb.scorecardresearch.com
search-api.fie.futurecdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.smartadserver.com
t.co
taboola-supply-partners.tremorhub.com
tags.crwdcntrl.net
test.quantcast.mgr.consensu.org
token.rubiconproject.com
trc.taboola.com
uk-script.dotmetrics.net
unpkg.com
use.typekit.net
vidstat.taboola.com
wf.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.windowscentral.com
ads.stickyadstv.com
104.244.42.133
104.36.113.107
104.79.89.79
13.32.99.105
130.211.23.194
141.226.224.32
141.226.228.48
142.250.184.226
142.250.186.98
143.204.101.224
143.204.98.40
151.101.1.44
151.101.193.44
151.101.65.44
151.101.66.114
151.139.128.11
173.231.181.122
18.134.84.22
18.198.69.109
18.66.248.32
18.66.248.33
185.86.137.132
185.94.180.125
2.18.232.7
2001:4de0:ac19::1:b:1a
209.54.177.54
2600:1f18:612b:4264:35be:ace0:b22e:18d9
2600:9000:2057:6e00:d:5ce3:a4c0:93a1
2600:9000:2156:5000:6:44e3:f8c0:93a1
2600:9000:224a:4200:3:a4cd:8380:93a1
2600:9000:2315:8a00:9:46dc:4700:93a1
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700:20::ac43:4acf
2606:4700::6810:7aaf
2606:4700::6812:551
2606:4700::6812:bc37
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9b
2a02:26f0:f7::5c7b:e031
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:d018:d29:3605:9f4c:83a8:7085:a009
3.121.92.52
3.248.131.63
34.111.234.236
35.157.46.192
35.211.144.1
35.71.131.137
37.252.172.36
52.16.75.86
52.205.167.202
52.210.200.111
52.215.230.177
52.49.221.204
52.50.139.7
54.36.109.47
65.9.61.60
69.173.144.138
00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586
00f7d628d0c49b1b0d512c3c56d16cc8d0ac222e7437efea750b584083c053dd
021b23d6cce7c934afbade06a6a3f058072f99930cc5f6a72038324d00686b18
067edf7df83e78af3ad8bd0b56325be772f837a5f9cb1f3c2d8a0f3d29da7f11
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd4246cc88ea9a0f90dc318e0ff3c42b4ab6da779c6557f00ca1d5d404408fa
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f507045398a529b76fa0de28f329699590b881503633f2cea95a87013359da6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff
1483ce188cdfc8c000e5e1072a4761acbb2bef65704c9828c6fddc6af5e0a3b1
14ab8336bc0b7a6ad6146a4b555799a72f9fd0391a963c2efa39157af72ff2da
1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b
1cf5396993e4b7b8e74c4bd348756f51104cc01ce20b5f7a193a45ec47574c63
1d57ec2247f33f3c0fa3c1497ef6c8d08ef730c135b1ff4ffaeb2fb8ebb535a5
1fa8156dac4ff382ceb604b37cec5bb752240a6aebcaa18c0032ee6959e3a094
25db43cdbafdfcb1e932d48d691a87835d88e898ef6817da85dba40cd3f7b2dc
26b19b50b1459f5c81dafdb46a5b5ec3930f77c1ce9f49df144351ced50f1256
26f577b08a6540a61c159561d36385de56aad1cb843da9986c726a1e0160ffbd
28183d032afee3e3f6cd4940b084a0f47e74288d5f60d91f11ab9885687b20c0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
391da2116cb4fdb7beb2702f2217b2e2f448755129460e98e79d2a461e9cdcaf
3becb067173cdb743015978d2a1b3133b54a2f3add8250a2b84cb6781a9155bb
45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd
464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028
47574b2437bb834db5f02f5c5e4952fe1a2b6313348dd6cfbcecfaa579f704d6
47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62
488b6aaafa304972f548bd8bb8dd9b9743ca21371de420faec68943964f160bc
4cfc36761b65ef043cd4a948c54438b64dcb3e058cc4886c46a4d6c17b94bddf
4f013719f9f3fbb547b5a32a6951d353456a14b47898b5e5d50408e8ada61caa
5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544
52ff2a623c77412b9c7f27ee7d24bd125b1e3dd37450c45fe373e0627824b9ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b9467aba0de1d1acafd0553282d7da2ba58d3544872ae622d7cf4e992c99374
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
67aca0eb9a298640df1c15671bce15fdbf4ac0b37c74a87d91312aeb702a0703
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c21173e97cdde5579f5144813a24b7e406ad2a6a483da2cd18b864a8d2ecc40
6d8dc4fe3ce73c45765fb8609bd89e728f7cc44482ccb37505a631ca72ca8bfb
6f200bcf9261646775132617515f713dadddbc35b310b94026892463adda7dd1
6f27ead86675e282e4ab4bb981cede9beab7ab1d2e849e42643654cca896c1e9
70889b8245e809fc8c9b9d543cc617aa2141fbb173aa1342badfb5b4f59be190
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
74d4fe26abff96aadb849dea507e94f1d944bfb805ef7e410b5024dea3f6ba44
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0
8b27976767ef837d2f3c0e8d3c43e2821034cf59b38ea798ec8628f9144ee835
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438
8f1ba51d31b2427887cf5c21231af0b907410b0e125e96646f03d3cf17c7fd4e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9379485b510d404dc953c886c69acc421789b085804b6148d2f30be9f8ff0880
94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d
9d6e18ce277549165b933ee539b5a854350210087bfb007f95a5b4523341b8ac
9dc039d6499f245fa5df5ef87eec8135ef1afddd555566042560c89dc61b1d0a
9f8917ffc7677c77c144d331df0865a5b23e6ba823b1199f7e3c22cf8ee5612f
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed98a9e46eb03e8f84c07f12241c32a436c87ebf56fc65d7d5ec14ae4f98bf4
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b
b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25590ed0eb80f9d4324448b2f2be99e6b7c73affaaed9625d1643826fe218c1
b6a805640069aed8b4844585d77756384895de297f810b2016099a7285afec3f
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c06ef681cf2741da51a723919e2b18e813670541aa9ad45a72782231099b8945
c19896ac0a9f3d1f75b8dea30ed6dee1114b31efa7b0045a30b043152be802bb
c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c
c8cdfd1d7371da310ae27deaa68c776b650c6ef9bd3c439951202047d7a76495
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c
da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c
dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b
e233fa437ca8020631b91098a50cf0752b2c21e79bcaf08f088150f5a10ca0ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d30c76f6c4f12662e2a140e5900c3f0a68776ed72f22d3fd626d6b9b7218d2
e546a562c0d5844ce9045309c1c8a902dcf2add1f1618904ce967e618024551e
ec8bb84944a8a74ec3871ec6b07796680c6e78ddf663467fca8a56a7cafc4bb9
f2873939f5091bde07beef62aaad75964e4e2182ad3794b24bd1203fd5660fc6
f42e1cd6c29e600d1e67f3a4a315f29d13875e15ec3c6413eb9b4ec76929b528
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9
fab2e6b042ec3920ace988314188075cf130ec5c8f9892bc8cddf94ac4ed7294
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

www.windowscentral.com Open in urlscan Pro 2606:4700::6812:bc37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

87 %HTTPS

35 %IPv6

49 Domains

74 Subdomains

56 IPs

5 Countries

2188 kBTransfer

8649 kBSize

40 Cookies

34 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bc37 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

87 %
HTTPS

35 %
IPv6

49
Domains

74
Subdomains

56
IPs

5
Countries

2188 kB
Transfer

8649 kB
Size

40
Cookies

161 HTTP transactions
0 data transactions