www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bc37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Submission: On September 07 via api (September 7th 2021, 5:22:26 am UTC) from GB

Summary HTTP 170 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 39 domains to perform 170 HTTP transactions. The main IP is 2606:4700::6812:bc37, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.windowscentral.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.

This is the only time www.windowscentral.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	2606:4700::68... 2606:4700::6812:bc37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
29	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2600:9000:218... 2600:9000:2182:3200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.79 13.226.155.79	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3039::6815:c076	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	52.210.129.48 52.210.129.48	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.92.94 18.66.92.94	16509 (AMAZON-02) (AMAZON-02)
2	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	34.247.104.176 34.247.104.176	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.8 18.66.112.8	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.92 13.226.155.92	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	18.203.163.22 18.203.163.22	16509 (AMAZON-02) (AMAZON-02)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
3	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223c:7800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 7	13.32.121.72 13.32.121.72	16509 (AMAZON-02) (AMAZON-02)
3 7	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 3	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2 2	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
4 4	54.36.109.46 54.36.109.46	16276 (OVH) (OVH)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
2	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.99 13.226.155.99	16509 (AMAZON-02) (AMAZON-02)
1	52.19.214.88 52.19.214.88	16509 (AMAZON-02) (AMAZON-02)
1	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4 7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
170	46

21 2606:4700::6812:bc37 (United States)

ASN13335 (CLOUDFLARENET, US)

www.windowscentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:3200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-79.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c076 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

futureplc-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.92.94 (United States)

ASN16509 (AMAZON-02, US)

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.8 (United States)

ASN16509 (AMAZON-02, US)

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-92.dus51.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.163.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-163-22.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.114 (United States)

ASN54113 (FASTLY, US)

search-api.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:7800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.121.72 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.209.129.133 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.159.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.109.46 (Sheridan, United States) 4 redirects

ASN16276 (OVH, FR)
PTR: p01.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-99.dus51.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.214.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	taboola.com cdn.taboola.com c2.taboola.com trc.taboola.com il-trc-events.taboola.com images.taboola.com	436 KB
22	googlesyndication.com c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	161 KB
21	windowscentral.com www.windowscentral.com	274 KB
20	ampproject.org cdn.ampproject.org	405 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	180 KB
9	google.com 4 redirects adservice.google.com www.google.com	932 B
8	crwdcntrl.net 3 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	15 KB
7	scorecardresearch.com 3 redirects sb.scorecardresearch.com	5 KB
4	id5-sync.com 4 redirects id5-sync.com	6 KB
4	google-analytics.com www.google-analytics.com	1 KB
4	futurecdn.net bordeaux.futurecdn.net search-api.fie.futurecdn.net	236 KB
3	quantcount.com rules.quantcount.com	1 KB
3	gumgum.com js.gumgum.com g2.gumgum.com	38 KB
3	typekit.net use.typekit.net	79 KB
2	servebom.com ads.servebom.com	360 B
2	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com	8 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	615 B
2	parsely.com cdn.parsely.com p1.parsely.com	18 KB
2	google.dk adservice.google.dk	1018 B
2	perfectmarket.com widget.perfectmarket.com	33 KB
2	quantserve.com secure.quantserve.com	18 KB
2	facebook.net connect.facebook.net	69 KB
2	consensu.org quantcast.mgr.consensu.org	73 KB
2	facebook.com www.facebook.com	248 B
1	turn.com 1 redirects d.turn.com	444 B
1	bluekai.com 1 redirects tags.bluekai.com	295 B
1	mathtag.com 1 redirects sync.mathtag.com	601 B
1	adsrvr.org match.adsrvr.org	265 B
1	futurehybrid.tech sommelier.futurehybrid.tech	1 KB
1	dotmetrics.net uk-script.dotmetrics.net	3 KB
1	unpkg.com unpkg.com	2 KB
1	ml314.com ml314.com	13 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	cpx.to p.cpx.to	3 KB
1	btloader.com btloader.com	6 KB
1	videoplayerhub.com 1 redirects futureplc-com.videoplayerhub.com	541 B
0	tapad.com Failed pixel.tapad.com Failed
170	39

	Domain	Requested by
21	www.windowscentral.com	www.windowscentral.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
16	tpc.googlesyndication.com	www.windowscentral.com securepubads.g.doubleclick.net tpc.googlesyndication.com
16	images.taboola.com	www.windowscentral.com
10	securepubads.g.doubleclick.net	www.windowscentral.com securepubads.g.doubleclick.net bordeaux.futurecdn.net
9	cdn.taboola.com	www.windowscentral.com cdn.taboola.com
7	www.google.com	4 redirects www.windowscentral.com tpc.googlesyndication.com
7	sb.scorecardresearch.com	3 redirects widget.perfectmarket.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	googleads.g.doubleclick.net	www.windowscentral.com
4	id5-sync.com	4 redirects
4	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
4	www.google-analytics.com	www.windowscentral.com
3	trc.taboola.com	cdn.taboola.com
3	cm.g.doubleclick.net	1 redirects bcp.crwdcntrl.net
3	bcp.crwdcntrl.net	2 redirects tags.crwdcntrl.net
3	rules.quantcount.com	secure.quantserve.com
3	search-api.fie.futurecdn.net	www.windowscentral.com search-api.fie.futurecdn.net
3	use.typekit.net	www.windowscentral.com
2	ads.servebom.com	bordeaux.futurecdn.net
2	g2.gumgum.com	js.gumgum.com
2	dpm.demdex.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.dk	securepubads.g.doubleclick.net
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	stats.g.doubleclick.net	www.windowscentral.com
2	secure.quantserve.com	www.windowscentral.com
2	connect.facebook.net	www.windowscentral.com connect.facebook.net
2	quantcast.mgr.consensu.org	www.windowscentral.com quantcast.mgr.consensu.org
2	www.facebook.com	www.windowscentral.com
1	c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	il-trc-events.taboola.com
1	pixel.adsafeprotected.com	cdn.adsafeprotected.com
1	cdn.adsafeprotected.com	bordeaux.futurecdn.net
1	d.turn.com	1 redirects
1	tags.bluekai.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.adsrvr.org	bcp.crwdcntrl.net
1	p1.parsely.com	www.windowscentral.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	uk-script.dotmetrics.net	www.windowscentral.com
1	js.gumgum.com	www.windowscentral.com
1	unpkg.com	www.windowscentral.com
1	ml314.com	www.windowscentral.com
1	www.googletagmanager.com	www.windowscentral.com
1	d1z2jf7jlzjs58.cloudfront.net	www.windowscentral.com
1	p.cpx.to	www.windowscentral.com
1	c2.taboola.com	www.windowscentral.com
1	btloader.com	www.windowscentral.com
1	futureplc-com.videoplayerhub.com	1 redirects
1	tags.crwdcntrl.net	www.windowscentral.com
1	bordeaux.futurecdn.net	www.windowscentral.com
0	pixel.tapad.com Failed
170	55

This site contains links to these domains. Also see Links.

Domain
forums.windowscentral.com
www.thrifter.com
www.androidcentral.com
www.anomali.com
www.bleepingcomputer.com
www.esentire.com
popup.taboola.com
om.forgeofempires.com
trc.taboola.com
www.pricerunner.dk
info.expertmarket.com
info.hearclear.com
tmbvt.com
umtij.com
www.voordeelnieuwtje.net
www.mobilenations.com
www.futureplc.com
www.imore.com
crackberry.com
thrifter.com
www.technobuffalo.com
youtube.com
passport.mobilenations.com
www.twitter.com
www.facebook.com
www.youtube.com
instagram.com
yourfuturejob.futureplc.com

Subject Issuer	Validity	Valid
windowscentral.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
bordeaux.futurecdn.net R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.gumgum.com Amazon	`2020-11-14` - `2021-12-13`	a year	crt.sh
*.dotmetrics.net Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
sommelier.futurehybrid.tech R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
hawk.techradar.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
*.google.dk GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
ads.servebom.com R3	`2021-07-11` - `2021-10-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Frame ID: D59A4F3564AA11B348E28644C589D08E
Requests: 111 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: F1468EBE8CB3B14F697874FF82CBE35E
Requests: 7 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: C133F5F6050DE297084B4C4954EE90ED
Requests: 2 HTTP requests in this frame

Frame: https://c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 21732CB0C568A8938BCA4F4D39A5266A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 8C00673A4D6B683853531121B63447B8
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: BC7A947B57EFDC70E804E55EA0EFE2F9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: EB33F51953F306D040697DC6202A8EB9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: EC5D9EB188CEBCC6970AE7F797ED70B7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D3B78E09ED7C7E617EA5BB2F25D04014
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 972783484DDFEC3F422F36DD6766C75F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'Windows 11 Alpha' malware attack tried to trick people out of financial data | Windows Central

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

170
Requests

99 %
HTTPS

46 %
IPv6

39
Domains

55
Subdomains

46
IPs

7
Countries

2114 kB
Transfer

6266 kB
Size

10
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://forums.windowscentral.com/?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.thrifter.com//?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.androidcentral.com/best-vpn?utm_source=wp&utm_medium=topicblock&utm_campaign=navigation
Title: Best VPN

Search URL Search Domain Scan URL

URL: https://www.anomali.com/blog/cybercrime-group-fin7-using-windows-11-alpha-themed-docs-to-drop-javascript-backdoor
Title: discovered the attack

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/watch-out-for-new-malware-campaign-s-windows-11-alpha-attachment/
Title: Bleeping Computer

Search URL Search Domain Scan URL

URL: https://www.androidcentral.com/best-vpn-deals
Title: VPN Deals: Lifetime license for $16, monthly plans at $1 & more

Search URL Search Domain Scan URL

URL: https://www.esentire.com/security-advisories/notorious-cybercrime-gang-fin7-lands-malware-in-law-firm-using-fake-legal-complaint-against-jack-daniels-owner-brown-forman-inc
Title: eSentire

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=mobilenations1-windowcentral&utm_medium=referral&utm_content=thumbnails-d:Below%20article%204x2:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/dk/?ref=tab_dk_dk_build&&external_param=144427865&pid=mobilenations1-windowcentral&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fc47701d555fd706bf758fdfd01d2e9e5.jpg&tblci=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yDJqD8ohYvlvuWgusy6AQ#build
Title: Forge Of Empires

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/click?pi=%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&ri=0f3ec845a14926b5b8fcc178723a5aa1&sd=v2_66190014733a20fb77fe4c74cc27b69d_f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85_1630992133_1630992133_CNawjgYQ5I1DGLfa0_W7LyABKAEwOjj5twhAoIoQSImC2QNQxtkMWABgAGj9wYbU7pDul8cBcAA&ui=f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85&it=text&ii=~~V1~~-5693237860655747436~~yf_uSHuKqGa-adP8eJetYUkFOa6BCwmZvTa3VADio6Y9ZEj1nSOh25J82sTDXEn1oWs157JoiAAXIKi9-eLaKG3GM7Q_aWDX9O8A-oTuarjB3pAXD2426g4yuaugyXYaN63gxaKde9rsWPArupdiqoHFWyzxmRytqLXgJhYSyWBfLp_zoFvv2LP_DHf1scDyfNxLVoGDn7Y9z-3GaLAdlA6ra5VsSIF_Rk8iJ2lkg4gCw9Gaw9ex_TS_ST3h31y5WzV-pEzQxc5A-MICQRwgu46zhr_uog6GC70OqLAd6RE&pt=text&li=rbox-t2m&sig=85bd956a811533f2a4d797e596395175057efcc97ced&redir=https%3A%2F%2Fom.forgeofempires.com%2Ffoe%2Fdk%2F%3Fref%3Dtab_dk_dk_build%26%26external_param%3D144427865%26pid%3Dmobilenations1-windowcentral%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fc47701d555fd706bf758fdfd01d2e9e5.jpg%26tblci%3DGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yDJqD8ohYvlvuWgusy6AQ%23build&vi=1630992133431&p=innogamesforgeofempiressc&r=5&lti=dup_place_2_ctrl&ppb=CI8G&cpb=EhMyMDIxMDgzMS0yOC1SRUxFQVNFGMuOHiCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh3YXRlcjA4NjiAqJiTBUD5twhIoIoQUImC2QNYxtkMYwjXFhDVHxgjZGMIyyAQpywYJGRjCNIDEOAGGAhkYwiWFBCZHBgYZGMI2SEQ5y0YCmRjCPQUEJ4dGB9keAGAAQKIAemEk8MB&cta=true
Title: Spil nu

Search URL Search Domain Scan URL

URL: https://www.pricerunner.dk/bo/lk-fuga-usb-lader-energieffektiv-praktisk-og-flot-design?ref-site=sponsored&ref-ad=taboola&utm_medium=banner&utm_campaign=sponsored&utm_source=taboola
Title: PriceRunner

Search URL Search Domain Scan URL

URL: https://info.expertmarket.com/securitysystemer?utm_campaign=5060545&utm_content=2979055262&cid=5a03321741213&utm_source=taboola&utm_medium=cpc&campaign=SEC-DK-EM-June-D&platform=Desktop&utm_term=Sj%C3%A6lland%3A+Mange+danskere+har+opdaget+dette+trick+til+beskyttelse+af+deres&content=https%3A%2F%2Fconsole.brax-cdn.com%2Fcreatives%2F44dd7285-cd6a-4a0f-9085-8137587509a3%2FSEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png&network=mobilenations1-windowcentral&title=Sj%C3%A6lland%3A+Mange+danskere+har+opdaget+dette+trick+til+beskyttelse+af+deres&click-id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCGmj8omuaIqumZmrq0AQ#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCGmj8omuaIqumZmrq0AQ
Title: Expert Market

Search URL Search Domain Scan URL

URL: https://info.hearclear.com/mikrohoreapparater-Danmark?utm_campaign=3739960&utm_content=3005492608&cid=5b112ae693095&utm_source=taboola&utm_medium=cpc&campaign=HA-DK-HC-Jan20-D&platform=Desktop&utm_term=Danske+seniorer%3A+Glem+alt+om+h%C3%B8reapparater+p%C3%A5+recept+-+brug+disse+i+stedet&content=https%3A%2F%2Fconsole.brax-cdn.com%2Fcreatives%2F44dd7285-cd6a-4a0f-9085-8137587509a3%2F952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png&network=mobilenations1-windowcentral&title=Danske+seniorer%3A+Glem+alt+om+h%C3%B8reapparater+p%C3%A5+recept+-+brug+disse+i+stedet&click-id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCqs0Ao1IOr1OzftZAb#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCqs0Ao1IOr1OzftZAb
Title: HearClear

Search URL Search Domain Scan URL

URL: https://tmbvt.com/a1588217-e4e9-4a65-b55b-6ea231f553e1?tci=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCa_lMo0_ry0JDfn-_qAQ&site=mobilenations1-windowcentral&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8e4dd95879be16c55f50e29c8b7071db.jpg&title=Utrolig+japansk+kniv+overtager+alle+k%C3%B8kkener+i+Danmark&platform=Desktop&campaign_item_id=2994971982#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCa_lMo0_ry0JDfn-_qAQ
Title: Huusk

Search URL Search Domain Scan URL

URL: http://umtij.com/cid/fedf2193-9c9c-470b-864f-de1d3c4431df?campaignid=11573348&platform=Desktop&campaignitemid=3016037718&site=mobilenations1-windowcentral&clickid=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCKyVQo9ajC1IWKzuiYAQ&timestamp=2021-09-07+05%3A22%3A13&thumbnail=http%3A%2F%2Fumtij.com%2Fcontent%2F48dd5d57-7667-4840-b082-4e7e3d657941.png&title=Viby+Sj%C3%A6lland%3A+disse+hybridbiler+fra+2021+er+n%C3%A6sten+givet+v%C3%A6k#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCKyVQo9ajC1IWKzuiYAQ
Title: Suv Biler Hybrid | Søgeannoncer

Search URL Search Domain Scan URL

URL: http://www.voordeelnieuwtje.net/a11289a8-de11-405d-8465-d8fca8ab518a?site_id=1099492&site=mobilenations1-windowcentral&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7eb2f456d4506461099acf6e50872077.png&title=Hvorfor+k%C3%B8be+dyrere+kikkerter%2C+n%C3%A5r+denne+kikkert+til+524+kr.+leverer+den+samme+kvalitet%3F&campaign_id=9359009&campaign_item_id=3007051094&cost=%7Bcost%7D&click_id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCmr1Mo27zn1_LvjdAs&utm_source=taboola&utm_medium=referral&campaign={campaign}&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7eb2f456d4506461099acf6e50872077.png&title=Hvorfor+k%C3%B8be+dyrere+kikkerter%2C+n%C3%A5r+denne+kikkert+til+524+kr.+leverer+den+samme+kvalitet%3F&site=mobilenations1-windowcentral&click_id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCmr1Mo27zn1_LvjdAs#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCmr1Mo27zn1_LvjdAs
Title: Nature Gadgets

Search URL Search Domain Scan URL

URL: http://www.voordeelnieuwtje.net/e0e1be2f-da98-4f81-bfbc-0c3b9ead3cef?site_id=1099492&site=mobilenations1-windowcentral&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0a505db6265bc664c7ded05a564e0e79.png&title=Denne+t%C3%A6tningsspray+er+anvendelig+i+overraskende+mange+tilf%C3%A6lde&campaign_id=11713079&campaign_item_id=3023345828&cost=%7Bcost%7D&click_id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCqrlUo1OvV1pfjpJ3rAQ&utm_source=taboola&utm_medium=referral&campaign={campaign}&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0a505db6265bc664c7ded05a564e0e79.png&title=Denne+t%C3%A6tningsspray+er+anvendelig+i+overraskende+mange+tilf%C3%A6lde&site=mobilenations1-windowcentral&click_id=GiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCqrlUo1OvV1pfjpJ3rAQ#tblciGiBMn18mEByOrgNVM0d6eEq0ncjFoe27t5hBOtzmQYd94yCqrlUo1OvV1pfjpJ3rAQ
Title: LeakSeal Pro

Search URL Search Domain Scan URL

URL: https://forums.windowscentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/licensing-reprints/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing and Reprints

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/advertise?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.androidcentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Android Central

Search URL Search Domain Scan URL

URL: https://www.imore.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: iMore

Search URL Search Domain Scan URL

URL: https://crackberry.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: CrackBerry

Search URL Search Domain Scan URL

URL: https://thrifter.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Thrifter

Search URL Search Domain Scan URL

URL: https://www.technobuffalo.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: TechnoBuffalo

Search URL Search Domain Scan URL

URL: http://youtube.com/c/themrmobile?utm_source=wp&utm_medium=drawer&utm_campaign=navigation&sub_confirmation=1
Title: MrMobile

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?u=eNpVj0FuwyAQRe_CnhiC7dSTZaQeoO3eGsOkQcaAMBGVqt690GRTFqPPG_7wB-EE3zvII7BExibSeb5cJ8fOlQkB7JZz3KHrSimHYr0JZdfkc0J30GHrnohLydHFG_INXcFEHHNGvfKcLJlWq44UoiMe7plfrUevLTpuMOPfZ-P_XDDzZobGVQ2mxuv0Yobj0gsSajT6Kkkb0kqpaZGnvr3rge02U5PVUWITdSTqbINvlwGYC5_WPzYDdnl_e50_wkqVLCCelL6iTfjw2BpKiameQdX2BCxSqvtZvzaLPP_8AoVEZvA,
Title: Log in

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?utm_source=wp&utm_medium=signup&utm_campaign=passport&u=eNpVT8FuwyAM_RfuNFCStKHHSfuAbffIAXdFIYCIKyZN-_fB2st8sJ6f_exn0Fwn_b1redQso3UZDc337NmlckJodiNKu-66UsqhuGBj2Q0GyuAPJm7dk-JScvDpBnwDXyAjB1wiMCun7NC2XFxxwpg88nhcJ351AYJx4LkFgr9j438D82aHxqtqTI3X6WyH49ILFGq05irRWDRKqWmRp77N9ZrtjrDBqiipgboSDLkYWnFu-z_dTpgfz2n28v72On_EFevAosWTxa_kMjxkrvpSYqoxqNqeNEuY64surE1cIi8_v9x0aD8%2C
Title: Sign up

Search URL Search Domain Scan URL

URL: http://www.twitter.com/windowscentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: t

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: f

Search URL Search Domain Scan URL

URL: https://www.youtube.com/wmexperts?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: p

Search URL Search Domain Scan URL

URL: http://instagram.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: i

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/advertising/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://futureplc-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=futureplc-com&upapi=true

Request Chain 60

https://bcp.crwdcntrl.net/5/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 62

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=7ba36136-f6ff-4600-97b0-c619baf8ac35

Request Chain 63

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YTb3AAAEkZMeDgA4 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTb3AAAEkZMeDgA4&_test=YTb3AAAEkZMeDgA4

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_tc=

Request Chain 65

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=77220942461845690612775504718985767057

Request Chain 66

https://id5-sync.com/s/19/9.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=56848f5801e84fe42df509190a9a0919&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/7/3.gif?puid=4436697092637524094&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw

Request Chain 67

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 68

https://sb.scorecardresearch.com/b?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=

Request Chain 71

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=&cv=2.0&cj=1&ns__t=1630992130267 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=&cv=2.0&cj=1&ns__t=1630992130267

Request Chain 74

https://id5-sync.com/s/441/9.gif?puid=e_03aecfe7-1110-4152-8f05-f19f3a9e75f1&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=e_03aecfe7-1110-4152-8f05-f19f3a9e75f1&gdpr=1&gdpr_consent= HTTP 302
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F8%2F2.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1 HTTP 302
https://id5-sync.com/c/441/487/8/2.gif?puid=ee0ab632-26a7-4069-80d5-cc4fc71fc10d&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOBxgX8u7kgjpOraSdsvhWnLfThoYGL_LR6i8tsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOBxgX8u7kgjpOraSdsvhWnLfThoYGL_LR6i8tsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=c6dca8de-fce9-4da6-a2bb-63449b18a9f6&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=4b97b8e4-718f-4cab-9847-2b84b408bb5b&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/5/5.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/485/4/6.gif?puid=57326283732412471205743738876508231195&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/101/3/7.gif?puid=96fbb58b-3382-478c-bb42-ca4f71e2fecd&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

170 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request windows-11-alpha-malware-attack-tried-trick-people-out-financial-data Show response
www.windowscentral.com/ 138 KB
31 KB 38ms
20ms Document
text/html 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc3ccc08cee3c5f01aad5ee24e233bf8102a71429bfba20c034bce6bd994db2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.windowscentral.com
:scheme: https
:path: /windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
content-language: en
x-frame-options: SAMEORIGIN
mn-server-ip: 165
strict-transport-security: max-age=86400
link: <https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2021/04/surface-laptop-4-amd-2021-display.jpg>; rel="image_src",<https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data>; rel="canonical",<https://www.windowscentral.com/node/87480>; rel="shortlink"
cache-control: public, max-age=300, s-maxage=21600
expires: Tue, 07 Sep 2021 01:37:33 GMT
content-security-policy: upgrade-insecure-requests;
cf-cache-status: HIT
age: 13773
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 68ad7f573cd12c56-FRA
content-encoding: gzip

GET
H2 200 surface-laptop-4-amd-2021-display.jpg
www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brw/public/field/image/2021/04/ 45 KB
45 KB 18ms
17ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brw/public/field/image/2021/04/surface-laptop-4-amd-2021-display.jpg
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c9f7955140dd85450788bfefe25d37024c6053118b2a32f34da1f056ece46c8

Request headers

:path: /sites/wpcentral.com/files/styles/large_wm_brw/public/field/image/2021/04/surface-laptop-4-amd-2021-display.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
age: 64798
cf-polished: qual=85, origFmt=jpeg, origSize=86114
content-disposition: inline; filename="surface-laptop-4-amd-2021-display.webp"
content-length: 45656
last-modified: Mon, 26 Apr 2021 18:07:43 GMT
server: cloudflare
etag: "6087016f-15062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 07 Oct 2021 11:22:07 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f575d012c56-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/ 26 KB
26 KB 24ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e66d93bb563a106e7b4f14a4b2720d56be32aa46d2164919768c099a2d6ae153

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
server: nginx
etag: "7d4a321fb4284bed9856c33aee6c065aba0855a7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26388

GET
H2 200 fa-solid-900.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 8 KB
8 KB 17ms
16ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-solid-900.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c

Request headers

:path: /sites/all/fonts/fontawesome-min/fa-solid-900.woff2
pragma: no-cache
origin: https://www.windowscentral.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:32 GMT
server: cloudflare
age: 1123556
etag: "611c0534-1ff4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f575d052c56-FRA
content-length: 8180
expires: Sat, 25 Sep 2021 05:16:10 GMT

GET
H2 200 mona-icons.ttf
www.windowscentral.com/sites/all/fonts/ 2 KB
2 KB 20ms
19ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/mona-icons.ttf
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c

Request headers

:path: /sites/all/fonts/mona-icons.ttf
pragma: no-cache
origin: https://www.windowscentral.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123556
etag: "611c0533-70c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f575d062c56-FRA
content-length: 1804
expires: Sat, 25 Sep 2021 05:16:10 GMT

GET
H2 200 css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
www.windowscentral.com/sites/wpcentral.com/files/advagg_css/ 297 KB
48 KB 27ms
26ms Stylesheet
text/css 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c

Request headers

:path: /sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Aug 2021 16:03:53 GMT
server: cloudflare
age: 1222783
etag: W/"611a8c69-4a370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Fri, 24 Sep 2021 01:42:23 GMT
cache-control: max-age=2678400
cf-polished: origSize=303984
cf-ray: 68ad7f57ad872c56-FRA
cf-bgj: minify

GET
H2 200 js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__9EA7hkw0GUzw6lOi7bH2luHaBUOMOCMv-1NWe_50wbg__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 194 KB
63 KB 20ms
19ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__9EA7hkw0GUzw6lOi7bH2luHaBUOMOCMv-1NWe_50wbg__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ae56b1a6ca3e19dfe524fe5342627b179685a6fd231851d0fc41ea0b50bf68

Request headers

:path: /sites/wpcentral.com/files/advagg_js/js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__9EA7hkw0GUzw6lOi7bH2luHaBUOMOCMv-1NWe_50wbg__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 20:29:43 GMT
server: cloudflare
age: 2229316
etag: W/"6070b937-3ab7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Sun, 12 Sep 2021 10:06:50 GMT
cache-control: max-age=2678400
cf-polished: origSize=240510
cf-ray: 68ad7f576d112c56-FRA
cf-bgj: minify

GET
H2 200 js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 21 KB
6 KB 17ms
16ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b

Request headers

:path: /sites/wpcentral.com/files/advagg_js/js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 22:05:42 GMT
server: cloudflare
age: 1123548
etag: W/"601b1e36-739a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Sat, 25 Sep 2021 05:16:18 GMT
cache-control: max-age=2678400
cf-polished: origSize=29594
cf-ray: 68ad7f576d132c56-FRA
cf-bgj: minify

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 388 KB
106 KB 105ms
37ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

bdd869f6a879f7d0910bb077f5c54d165a50a5371170917e6d5b8f5a375c0da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 12:11:26 GMT
server: nginx/1.19.0
etag: W/"6130bf6e-6117f"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1630992126.cds055.fr8.hn,1630992126.cds215.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=667
accept-ranges: bytes
bordeaux-version: 4.6.1
content-length: 108157

GET
H2 200 tr
www.facebook.com/ 44 B
147 B 9ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=PageView&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 07 Sep 2021 05:22:06 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
101 B 9ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=ViewContent&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 07 Sep 2021 05:22:06 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mobilenations1-network/ 436 KB
37 KB 98ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.93.1.2-11.73.5 /
Resource Hash: e048256aeff711c2ac9e3f00ce50fc47da3274019af3d150460e97684b9eb8cc

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: opl_y72hZcKrYWiXJh3f4UzzfufiwX7T
content-encoding: gzip
etag: "7952b085b2c12ed1899741c26880df8323f80ec6"
age: 972
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
content-length: 36919
x-amz-id-2: AHqp04mfv57nO3lQxJGB3jgt8vg4bOdqCrqwXO8KK2LfSis3ZPFVSXdtJjXE54lI07whO1o0bW8=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 07 Sep 2021 03:49:36 UTC
server: obaker.93.1.2-11.73.5
x-timer: S1630992127.747260,VS0,VE1
date: Tue, 07 Sep 2021 05:22:06 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: MYHHFT5MKE5QJ8KW
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/ 5 KB
2 KB 32ms
11ms Script
application/javascript 2600:9000:2182:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da04dec0e58764cce0b002e6242ff5a6c91e06b1bf6a1b361e15a321479b057a

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 07 Sep 2021 05:21:38 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 15:24:29 GMT
server: AmazonS3
age: 54
etag: W/"3d8ef35dda3051cd51515ed72e12e8e0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gOBfqQPKOM6QtYzbRPHFY8kYREM9Vg0-pLdNGV_VLCHS2M1EFxYL8A==

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12464/ 38 KB
11 KB 130ms
37ms Script
application/json 13.226.155.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-79.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 19:11:52 GMT
content-encoding: gzip
etag: W/"60ae9e169e0216122e9d8bf94f8906db"
last-modified: Wed, 11 Mar 2020 04:01:36 GMT
server: AmazonS3
age: 36615
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gTd8_NRPf5LZG679pYDFSNmC1Blf0CFhUPOotU2bV7bwkM77LeJdlw==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://futureplc-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=futureplc-com&upapi=true

15 KB
6 KB

31ms
16ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=futureplc-com&upapi=true
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe002bfd96db43e429278542c81094406f1a9ace230fe9cd6e39ed103314e945

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68ad7f581c724db2-FRA
date: Tue, 07 Sep 2021 05:22:06 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2978
etag: W/"6c97973b0e47b28836bddec683b3bd69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jsqdr1UuZJmqQ7BAZe0FPEn0OJuxaT8MVZTvITTcAvEv1V%2BkGmfLfOlX%2FW3X%2F03UDbR%2FrVpBqkHn3b1%2Bf7FZZRLbcG3m9yW67F8RYX%2FNjx1Jghm3B6c6xvirc%2FL8zZExVQz1kEHXQq%2BvEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Tue, 07 Sep 2021 05:22:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOclCQyuhb2v5RG6AdvmbD9%2B0G%2BfvnclYZbQOI5Lr7S4%2FMePbWr0uQfMwHsTTPK6ub2lxoKZtxoELrQIHjkZV90%2BX%2BR80HQYH6sToKSCx4%2F9V25qJnDR4pj%2BcbUzlTVHUw%2FqFKyBYrqSvdod2PQrUEbKm3DUgQY7HO81Jzvw"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=futureplc-com&upapi=true
cache-control: max-age=3600
cf-ray: 68ad7f57dfab42db-FRA
expires: Tue, 07 Sep 2021 06:22:06 GMT

GET
H2 200 glade.js Show response
securepubads.g.doubleclick.net/static/ 31 KB
13 KB 193ms
67ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

298b1806d3ad5fab73f204849b99705f9603b9cf8c72aedb465ace41dbf2017f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1533569005437780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=1800, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12446
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:22:06 GMT

GET
H2 200 js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__Ezk6UoDVzZZfZHThsUKi8ypoa4TqBYJG_z5ccTqKTIc__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 46 KB
14 KB 27ms
25ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__Ezk6UoDVzZZfZHThsUKi8ypoa4TqBYJG_z5ccTqKTIc__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdbd254cd82af2c162090853c566be73bdcf67820ecce9eab5af763a4deb35e7

Request headers

:path: /sites/wpcentral.com/files/advagg_js/js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__Ezk6UoDVzZZfZHThsUKi8ypoa4TqBYJG_z5ccTqKTIc__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Apr 2021 20:29:43 GMT
server: cloudflare
age: 2229312
etag: W/"6070b937-fc7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Sun, 12 Sep 2021 10:06:54 GMT
cache-control: max-age=2678400
cf-polished: origSize=64639
cf-ray: 68ad7f57ad7f2c56-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/ 48 KB
19 KB 23ms
22ms Script
application/x-javascript 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4285b2f44b7d0ef6c15a67f3c51c3633807e8708fc90f0043ac5863e3dad690

Request headers

:path: /sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Aug 2021 15:35:33 GMT
server: cloudflare
age: 17036
etag: W/"611a85c5-c0ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Fri, 08 Oct 2021 00:38:10 GMT
cache-control: max-age=2678400
cf-polished: origSize=49389
cf-ray: 68ad7f57ad862c56-FRA
cf-bgj: minify

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/mobilenations1-windowcentral/ 62 KB
16 KB 107ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/mobilenations1-windowcentral/newsroom.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "1dbadc531dcc54906bcc5f5e1fe01430"
age: 82
x-cache: HIT
content-length: 16437
x-amz-id-2: z6CzQmQY6FoSxDUD7E/g/wsXcgiLl12fpiaFL3XYv+ncTGKNFu4J54CwLDzTXAAAyIWYx+szNPU=
x-served-by: cache-fra19132-FRA
last-modified: Fri, 04 Sep 2020 23:39:59 GMT
server: AmazonS3
x-timer: S1630992127.757755,VS0,VE1
date: Tue, 07 Sep 2021 05:22:06 GMT
vary: Accept-Encoding
x-amz-request-id: S91CPR58QD6Z7CQB
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 18ms
16ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123483
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f57bd952c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

GET
H2 200 l
use.typekit.net/af/027dd4/00000000000000003b9acafa/27/ 26 KB
26 KB 12ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/027dd4/00000000000000003b9acafa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b67b8d53ea5dfecb7b2c1cf5949fe4616d1924a75dfa49c35bf186bea939b747

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
server: nginx
etag: "37da2a6b18214f547dbbc4036f830d9caa1b9787"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26676

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 6ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 4x3.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 38 B
281 B 18ms
17ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/4x3.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 146efe90cd5a3bcee5cb557ff9606487035ba967150c77b59285570b0bf21609

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/4x3.png
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
age: 463424
cf-polished: origFmt=png, origSize=73
content-disposition: inline; filename="4x3.webp"
content-length: 38
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
etag: "611c0533-49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 02 Oct 2021 20:38:22 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f580e082c56-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1x1.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 38 B
189 B 24ms
23ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/1x1.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/1x1.png
pragma: no-cache
cookie: has_js=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
age: 454643
cf-polished: origFmt=png, origSize=68
content-disposition: inline; filename="1x1.webp"
content-length: 38
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
etag: "611c0533-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 02 Oct 2021 23:04:43 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f581e092c56-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 04:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3444
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:24:42 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/28/ 278 KB
71 KB 11ms
10ms Script
text/javascript 2600:9000:2182:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/28/cmp2.js?referer=www.windowscentral.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:21:27 GMT
content-encoding: br
age: 52
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Wed, 10 Mar 2021 17:10:52 GMT
server: AmazonS3
etag: W/"814cf3c7bdd5dafb6ad642c1b52006c2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: khJVfOh9ytq5XNldUeKt-MynHEY2JreYIaz5tMLd6A6aLNymQXtqiQ==

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12542/ 3 KB
3 KB 214ms
50ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12542/px.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 862701d910657705bbcd1389ac37bf20c5c8ab442d523ed74ecc0c9fe09afaee

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 07 Sep 2021 05:22:06 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 3010
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d51c2d2d99d5c71f61c1efd7842744538b05035ff8b302a390be25a675fc225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p5d120ud2Qn297Ut/WxEMQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: MRYqOGVoLJKkznPkNxBB9H/3pJi8Xerx8dU4XdlQpZ8VlogAbq22bZOL0GD9GJSgvuK+Pt2I/0RlifD6uJEaJQ==
x-fb-trip-id: 686109401
x-fb-content-md5: a52be9ef901385a34f31c8e2ef85d46a
x-frame-options: DENY
date: Tue, 07 Sep 2021 05:22:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "727f5b6951105a717562172245c08e91"
timing-allow-origin: *
expires: Tue, 07 Sep 2021 05:34:39 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 109ms
34ms Script
application/javascript 18.66.92.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: public
Date: Tue, 07 Sep 2021 00:52:11 GMT
Via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
Age: 16195
ETag: "5eb31be4-3a2"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA56-P2
Content-Length: 930
X-Amz-Cf-Id: g1O8b--aNbHMkR-tCKXR0W2LgQdFUxu6CFZWC6x4egPk9u-QSRPZ6w==
Expires: Wed, 08 Sep 2021 00:52:11 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 419ms
39ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:07 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:22:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9VHS7

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6e3bc7d17b69308c0be06ad1f9ae2e807151ebbd062a5518440acf2814e339e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35538
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Sep 2021 05:22:06 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 28 KB
13 KB 209ms
54ms Script
application/javascript 34.247.104.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?782021
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 07 Sep 2021 05:22:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Sep 2021 22:01:11 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=59944
Connection: keep-alive
Content-Length: 12574
Expires: Tue, 07 Sep 2021 22:01:11 GMT

GET
H2 200 web-vitals.js Show response
unpkg.com/web-vitals@2.0.1/dist/ 5 KB
2 KB 36ms
17ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.js?module

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8330288
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
fly-request-id: 01F772X99PWAJAQW68ENFJEC5C
server: cloudflare
etag: W/"13f0-FB5AIG1d3V3SKXQC+aDRC1j67uc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 68ad7f586a3e4e9d-FRA

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2118906020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&ul=en-us&de=UTF-8&dt=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAIhAAAAAC~&jid=853407881&gjid=1652009053&cid=707554222.1630992127&tid=UA-1058506-1&_gid=104715719.1630992127&_r=1&_slc=1&cd1=full&cd2=default&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Aw400&cd12=news%2Cwindows&cd13=windows%2011&cd14=87480&z=1268761889

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 227 KB
67 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ac702909ec46d342a092c8ac905021a3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd1dd3418dafb945dd763359592bc9b22ea7fdf98493544426cd1b1d1d018714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: uzOK6Cu3+Vgu8iRRhzns6g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68284
x-fb-rlafr: 0
x-fb-debug: EDHhEzhU4PgKCMTcAVIZ7J59ifrdOzsrNdt29GFKwkKSet949AiwIUwfJQSVOzdMGJMDrIKRZxXH1TFlI8iGmw==
x-fb-content-md5: 2d46624907a9c3150f440d1a7ec34ffc
x-frame-options: DENY
date: Tue, 07 Sep 2021 05:22:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f7240858c2e13f87227f156ac8f1e1a1"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 07 Sep 2022 03:55:18 GMT

GET
H2 200 services.js Show response
js.gumgum.com/ 99 KB
37 KB 119ms
40ms Script
application/javascript 18.66.112.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f55d6329951a0fc9abde82911fca744e59159c18a0173e2df2a8a8449d0ce1f1

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: R6st5voNofeVPrmCwuB4Loi1b2kblSCr
content-encoding: gzip
etag: W/"47d5d953c869de55c50d1cc510b2aafd"
age: 15392
x-cache: Hit from cloudfront
x-amz-meta-timing-allow-origin: *
x-amz-meta-access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 23:03:38 GMT
server: AmazonS3
date: Tue, 07 Sep 2021 01:05:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: eDlPCnOZSrBoD-oqwIWknRXhRPhoilq7ag108QP_yCooqE9czDMmiw==

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 7 KB
3 KB 138ms
62ms Script
application/javascript 13.226.155.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?id=5257
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-92.dus51.r.cloudfront.net
Software: Kestrel /
Resource Hash: e213b53477c260dcbf4d7b3589bd28678f1df9acbca53f712e1b3884af32c5b3

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: DUS51-C1
etag: "5257...184.2021090705"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: ek9NVLfBKJqQw7Scw4iwqZgf1M0WLJQ0azAw3XQxrz3_sy8gn8pxLQ==

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2118906020&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&ul=en-us&de=UTF-8&dt=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACAIhBAAAAC~&jid=1374106399&gjid=1092335269&cid=707554222.1630992127&tid=UA-4245582-4&_gid=104715719.1630992127&_r=1&_slc=1&cd1=full&cd2=News&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Aw400&cd6=news%2Cwindows&cd7=windows%2011&cd8=0&cd9=87480&cd10=242&z=1477112058

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-1058506-1&cid=707554222.1630992127&jid=853407881&gjid=1652009053&_gid=104715719.1630992127&_u=aGBAAAIgAAAAAC~&z=475772570

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Sep 2021 05:22:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4245582-4&cid=707554222.1630992127&jid=1374106399&gjid=1092335269&_gid=104715719.1630992127&_u=aGDACAIhBAAAAC~&z=1944832197

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?qz1gc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Sep 2021 05:22:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
sommelier.futurehybrid.tech/ 5 KB
1 KB 183ms
53ms Fetch
application/json 18.203.163.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config?r=501&tpl=normal&l=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.203.163.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-163-22.eu-west-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

86d463797a8c78b68c4618ed44cd03547ae3de7f2e829c58d5fbf238817b167a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Sep 2021 05:22:07 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H2 200 load.js Show response
widget.perfectmarket.com/mobilenations1-network/ 3 KB
2 KB 251ms
178ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: J4XuLknNLAuC7N4qV0D8ae6KQwP3.A6b
content-encoding: gzip
etag: "685ca634ee38daf89f4b9f310d082b34"
age: 230
x-cache: HIT, MISS
content-length: 1106
x-amz-id-2: SDPAes79qMu03luncqG8gp2wLCKtVBuFQNkzSj0nHY8U3R1QX/p4id3AHntBdDK/UZxJPmorb88=
x-served-by: cache-sna10730-LGB, cache-fra19165-FRA
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1630992127.984370,VS0,VE145
date: Tue, 07 Sep 2021 05:22:07 GMT
vary: Accept-Encoding,,
x-amz-request-id: 5FKZF8PGRXEKXJBQ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210831-28-RELEASE.js Show response
cdn.taboola.com/libtrc/ 526 KB
117 KB 32ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210831-28-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6c805697ad6f0dd589a50e0d0b1f418182dad8e63c725e4f4425099257d2fd9a

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: GrMvJf.omZlgdSCNuWoBedSVUPWD8twc
content-encoding: br
etag: "8e842732afb568bbc724218820372aaa"
age: 27387
x-cache: HIT
content-length: 119293
x-amz-id-2: HXu/6hZ8c3/RIQzG6ea1yWdVgYvE9ibOWJQjKcIkN8m+e/aazqZ7nDPAh5UcQ9lvmsuLbxQQEMc=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 02 Sep 2021 13:42:28 GMT
server: AmazonS3-br
x-timer: S1630992127.909868,VS0,VE0
date: Tue, 07 Sep 2021 05:22:06 GMT
vary: Accept-Encoding
x-amz-request-id: E0V8HRPHPWB5KVWC
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 55
x-cache-hits: 331

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 31ms
31ms Image
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=dup_place_2_ctrl
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630992127.909949,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 mona.js Show response
search-api.fie.futurecdn.net/js/w/es6/ 356 KB
117 KB 72ms
21ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c21db3ee5cbd8888a36b551b69e6396fe2273800685b97b747670e8b32e879a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 1171
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DK
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 119575
x-ftr-expires: Tue, 07 Sep 2021 05:22:35 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: MISS, HIT
x-ftr-request-id: 00000000:F276_00000000:01BB_6136F278_29DFBEB:7675
last-modified: Mon, 06 Sep 2021 11:05:18 GMT
x-timer: S1630992127.976804,VS0,VE1
etag: "6135f5ee-58f46"
x-served-by: cache-lon11628-LON, cache-cph20632-CPH
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0, 1

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=2118906020&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&ul=en-us&de=UTF-8&dt=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AlertBar&ea=View&el=www.windowscentral&_u=aGDACAIhBAAAAC~&jid=&gjid=&cid=707554222.1630992127&tid=UA-1058506-1&_gid=104715719.1630992127&cd1=full&cd2=default&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Aw400&cd12=news%2Cwindows&cd13=windows%2011&cd14=87480&z=1388171198

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Sep 2021 10:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 68243
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
853 B 50ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 p.js Show response
cdn.parsely.com/keys/windowscentral.com/ 47 KB
18 KB 112ms
41ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/windowscentral.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Sep 2021 13:06:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:08:16 GMT
server: nginx
age: 58540
etag: W/"603d1f80-bd33"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: FD5_GSut_DWVq2fMIUhZrtNayqaHcfvYOsd0M3wN9hKRr3zqUSWNKg==
expires: Tue, 07 Sep 2021 13:06:27 GMT

GET
H2 200 logo-future.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 938 B
1 KB 19ms
18ms Image
image/webp 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/logo-future.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/logo-future.png
pragma: no-cache
cookie: has_js=1; _ga=GA1.2.707554222.1630992127; _gid=GA1.2.104715719.1630992127; _gat=1; _gat_global=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
age: 131261
cf-polished: origFmt=png, origSize=2774
content-disposition: inline; filename="logo-future.webp"
content-length: 938
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
etag: "611c0533-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 06 Oct 2021 16:54:25 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f597fc42c56-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 fa-brands-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 3 KB
3 KB 18ms
17ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-brands-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62

Request headers

sec-fetch-mode: cors
origin: https://www.windowscentral.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: has_js=1; _ga=GA1.2.707554222.1630992127; _gid=GA1.2.104715719.1630992127; _gat=1; _gat_global=1
:path: /sites/all/fonts/fontawesome-min/fa-brands-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:32 GMT
server: cloudflare
age: 1123555
etag: "611c0534-aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f597fc52c56-FRA
content-length: 2724
expires: Sat, 25 Sep 2021 05:16:11 GMT

GET
H2 200 fa-light-300.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
11 KB 20ms
19ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-light-300.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586

Request headers

sec-fetch-mode: cors
origin: https://www.windowscentral.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: has_js=1; _ga=GA1.2.707554222.1630992127; _gid=GA1.2.104715719.1630992127; _gat=1; _gat_global=1
:path: /sites/all/fonts/fontawesome-min/fa-light-300.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:32 GMT
server: cloudflare
age: 1123555
etag: "611c0534-29b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f597fc62c56-FRA
content-length: 10672
expires: Sat, 25 Sep 2021 05:16:11 GMT

GET
H2 200 fa-regular-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
10 KB 18ms
17ms Font
application/octet-stream 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-regular-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0

Request headers

sec-fetch-mode: cors
origin: https://www.windowscentral.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: has_js=1; _ga=GA1.2.707554222.1630992127; _gid=GA1.2.104715719.1630992127; _gat=1; _gat_global=1
:path: /sites/all/fonts/fontawesome-min/fa-regular-400.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.windowscentral.com
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:06 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:32 GMT
server: cloudflare
age: 1222781
etag: "611c0534-27e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 68ad7f597fc72c56-FRA
content-length: 10208
expires: Fri, 24 Sep 2021 01:42:24 GMT

GET
H3-29 200 extra_36.js Show response
securepubads.g.doubleclick.net/static/glade/ 7 KB
3 KB 98ms
46ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade/extra_36.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 21:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3044
x-xss-protection: 0
last-modified: Mon, 06 Aug 2018 15:21:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 21:52:00 GMT

GET
H2 200 translations.php Show response
search-api.fie.futurecdn.net/ 31 KB
11 KB 22ms
21ms Fetch
application/json 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/translations.php?language=en-GB

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2abf1d709b47d09b963e37eba1a35516972c4208157636616ea86c6aa4c112e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:07 GMT
content-encoding: gzip
x-hawk-country
age: 546
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DK
x-ftr-dc: TC
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10329
x-ftr-expires: Tue, 07 Sep 2021 05:33:00 GMT
x-ftr-balancer: hawkproxyprodred
x-cache: MISS, HIT
x-ftr-request-id: 00000000:2618_00000000:01BB_6136F4E3_2A635B5:280A
x-timer: S1630992127.078624,VS0,VE0
x-served-by: cache-lon4257-LON, cache-cph20632-CPH
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 0, 3

GET
H2 200 wp.min.css
search-api.fie.futurecdn.net/css/browser/ 5 KB
2 KB 61ms
20ms Stylesheet
text/css 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/css/browser/wp.min.css

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b110fd3d5570e27a9bc9d1258cdc1a5e4a06446705a0decea050096a4524ffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:07 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 1172
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DK
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1619
x-ftr-expires: Tue, 07 Sep 2021 05:22:35 GMT
x-ftr-balancer: hawkproxyprodblue
x-cache: MISS, HIT
x-ftr-request-id: 00000000:0CB6_00000000:01BB_6136F2A6_839087:3BD5
last-modified: Mon, 06 Sep 2021 11:05:18 GMT
x-timer: S1630992127.124408,VS0,VE0
etag: "6135f5ee-1260"
x-served-by: cache-lon4261-LON, cache-cph20639-CPH
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 0, 2

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 480ms
120ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1630992127080&plid=57583490&idsite=windowscentral.com&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&sref=&sts=1630992127076&slts=0&title=%27Windows+11+Alpha%27+malware+attack+tried+to+trick+people+out+of+financial+data+%7C+Windows+Central&date=Tue+Sep+07+2021+07%3A22%3A07+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=43616199&u=pid%3D0a5e678f4caa40df4d271032709c9f0f
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 07 Sep 2021 05:22:07 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 07-Sep-2021 05:22:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pmk-201901001.3.js Show response
widget.perfectmarket.com/mobilenations1-network/ 117 KB
32 KB 32ms
31ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: bfUibajn8Hr9uOSWwagmUKVBmPbHEKOs
content-encoding: gzip
etag: "42798c9bd56143345cd9e74dcc5ac1b9"
age: 1629440
x-cache: HIT, HIT
content-length: 32077
x-amz-id-2: DK5Vk3+BdsaxJVoHQWpwt0Uw18pE/Ifr483rXRjnt70C8wRRRsq9AnLuL9mlbXGQyk+7oto9Weo=
x-served-by: cache-lax10647-LGB, cache-fra19165-FRA
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1630992127.161907,VS0,VE0
date: Tue, 07 Sep 2021 05:22:07 GMT
vary: Accept-Encoding,,
x-amz-request-id: 52G24C5NAAFDNATH
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 7, 4347

GET
H2 200 rules-p-ebutdjFEkjMk-.js Show response
rules.quantcount.com/ 3 B
428 B 23ms
6ms Script
application/javascript 2600:9000:223c:7800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ebutdjFEkjMk-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 17:06:38 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age: 44129
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:03:35 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: QcTiMyDgocICfOfal114iT3j9gFyJxw_BqiVAJ8-WFy4LqMAHr3M1g==

GET
H2 200 rules-p-8bC03lZwjgqy2.js Show response
rules.quantcount.com/ 3 B
427 B 23ms
7ms Script
application/javascript 2600:9000:223c:7800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8bC03lZwjgqy2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 17:06:38 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age: 44129
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:13 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: i28mz3-Y7zkcSm3HO91FlfusQmbGZrf9JdqN1w3iiQhU2vSb3CNTng==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 106ms
35ms Script
application/javascript 13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 06:25:18 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 113008
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VQiW2P2I13BeR6qEYvRAC7KdbFrgVOG2qUzCVI_gkr7NkQOYqmZ5UQ==

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/ Frame F146
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

1 KB
2 KB

85ms
85ms

Document
text/html

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 004baae7fe756e4777406e6492096e7304762dfbae57611af2f754004dbbe942

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowscentral.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.windowscentral.com/

Response headers

date: Tue, 07 Sep 2021 05:22:07 GMT
content-type: text/html;charset=utf-8
content-length: 1129
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.23.84
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 04-Jun-2022 05:06:00 GMT;SameSite=None;Secure _cc_id=3edb2a9eaf0f899d84c85bfa75ddb8fb;Path=/;Domain=crwdcntrl.net;Expires=Sat, 04-Jun-2022 05:06:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQME5NSTJKtExNTDNIs7C0TLEwSbYwTUpLNDdNSUmySEtiAIJEs2%2F%2FQTQEcF%2Fft16CcUMiw39GRoZ3S%2BawwNjnjh5ihrGvnFeHMXfvuywAYz%2F8YgljHl6M0Nk5%2BaQWTPz4pilwE1esf8oNE3%2BGpB4AR%2BU7Lg%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 04-Jun-2022 05:06:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBINPv2H0hBABMDA9cMEJP1sDCQBABNqAQM";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 04-Jun-2022 05:06:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Tue, 07 Sep 2021 05:22:07 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.7.232
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server: Jetty(9.4.38.v20210224)

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F146 70 B
265 B 183ms
80ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame F146
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=7ba36136-f6ff-4600-97b0-c619baf8ac35

49 B
264 B

53ms
52ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=7ba36136-f6ff-4600-97b0-c619baf8ac35
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.93
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Tue, 07 Sep 2021 05:22:07 GMT
Server: MT3 3905 f19d76c master zrh-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=7ba36136-f6ff-4600-97b0-c619baf8ac35
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Sep 2021 05:22:06 GMT

GET
H2

200

tpid=YTb3AAAEkZMeDgA4&_test=YTb3AAAEkZMeDgA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame F146
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YTb3AAAEkZMeDgA4
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTb3AAAEkZMeDgA4&_test=YTb3AAAEkZMeDgA4

49 B
264 B

52ms
52ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTb3AAAEkZMeDgA4&_test=YTb3AAAEkZMeDgA4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.23.84
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630992128.088031,VS0,VE0
x-served-by: cache-fra19121-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YTb3AAAEkZMeDgA4&_test=YTb3AAAEkZMeDgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F146
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_tc=

170 B
188 B

53ms
53ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_tc=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=77220942461845690612775504718985767057
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame F146
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=77220942461845690612775504718985767057

49 B
265 B

53ms
53ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=77220942461845690612775504718985767057
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.105
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-1-v015-03d4af42b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zGB0XuqDQDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=77220942461845690612775504718985767057
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame F146
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1
https://id5-sync.com/c/19/19/9/1.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=56848f5801e84fe42df509190a9a0919&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/7/3.gif?puid=4436697092637524094&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw

170 B
188 B

45ms
44ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=957838635/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:08 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=M2VkYjJhOWVhZjBmODk5ZDg0Yzg1YmZhNzVkZGI4ZmI&google_redir={xENCODEDURL}&id5id=ID5-ZHMOgCOp-J_9hO1nCp8PFQXi6P2LxSWrQwjpO8Ewjw
cache-control: no-cache
x-server: 10.45.10.93
content-length: 0
expires: 0

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

35ms
34ms

Script
application/javascript

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:14:47 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 442
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NxH0_ZvDTeHM2b2G0jJhtFObCIeBW7mhHFMm0SZDezhicxNCO3GdqA==

Redirect headers

date: Tue, 07 Sep 2021 05:22:08 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-cs/default/beacon.js
content-length: 52
x-amz-cf-id: C8TIPOE_LMCTaQW0sXV-A5eHLTYlHWqC1aZ480HLyYJNgA-shvSO8Q==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tri...
https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tr...

64 B
331 B

37ms
36ms

Image
image/gif

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:08 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: unGGCvotapIX959-SW_YbwH_GfFvNmiHfwBDKm-dZkI8w1Z7kJN7TA==

Redirect headers

date: Tue, 07 Sep 2021 05:22:08 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&cs_cmp_nc=1&cs_it=b2&cv=3.8.0.210223&ns__t=1630992128835&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8='Windows%2011%20Alpha'%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=
content-length: 389
x-amz-cf-id: mYIHMuhl9ZqCuzfuOZcvUm-WKWwd-xvMaCpCYu-T6rraOA_vVozcOg==

GET
H2 200 services Show response
g2.gumgum.com/zones/n6aekmb1/ 449 B
913 B 689ms
586ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/n6aekmb1/services?dp=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&pu=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&ogu=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&rf=&r=3.85.2&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.2%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523&bf=51ffd23075d12ff79ac5f4d033dbe867546d4027&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1630992129461&to=-120&vpii=false&vph=1200&vpw=1600&gdprApplies=1
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3d6a2a6117e7951f736672bcdf62eaee4d7de1a1aadcb80df2aaee4be9c2cdc

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:10 GMT
content-encoding: gzip
server: nginx
etag: W/"095b8d5f97adfdb721f615e255ac6b348"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2 200 new Show response
g2.gumgum.com/assets/ 140 B
482 B 66ms
65ms XHR
application/json 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%22fe1f90bb-f705-4651-8aa1-40cae3ca530e%22%2C%22r%22%3A%223.85.2%22%2C%22t%22%3A%22n6aekmb1%22%2C%22rf%22%3A%22%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fsites%2Fwpcentral.com%2Ffiles%2Fstyles%2Flarge_wm_brw%2Fpublic%2Ffield%2Fimage%2F2021%2F04%2Fsurface-laptop-4-amd-2021-display.jpg%22%2C%22w%22%3A750%2C%22h%22%3A562%2C%22x%22%3A260%2C%22y%22%3A815%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Afalse%2C%22ia%22%3A%22Surface%20Laptop%204%20Amd%202021%20Display%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%7D&bf=51ffd23075d12ff79ac5f4d033dbe867546d4027&lt=1630992130280&to=-120&gdprApplies=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.2%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9523
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 61cbfd2458df8acc437630b09ce25338e1932e62e2b9b9521e9edcb95dd97897

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:10 GMT
content-encoding: gzip
server: nginx
etag: W/"094da238a21d21d58e5c6133cee53063f"
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%20...
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2...

64 B
330 B

37ms
36ms

Image
image/gif

13.32.121.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8=%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=&cv=2.0&cj=1&ns__t=1630992130267
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-72.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:10 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: CRG8ybvf6OP0pR0qH0j_YYJatdq4zabCgNXM_OGMhxhlRrwnjFChnA==

Redirect headers

date: Tue, 07 Sep 2021 05:22:10 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&c8='Windows%2011%20Alpha'%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%20%7C%20Windows%20Central&c9=&cv=2.0&cj=1&ns__t=1630992130267
content-length: 370
x-amz-cf-id: 76Ugc9zLRTddP-36dR2sCLBFxmSfA6kP9GtST7ALSKzEVM2lG9sgvA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame C133 24 KB
9 KB 40ms
39ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:10 GMT
content-encoding: gzip
etag: "lp772EpWKwf8Kq7YKMhbuw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 14 Sep 2021 05:22:10 GMT

GET
H2 200 rules-p-00TsOkvHvnsZU.js Show response
rules.quantcount.com/ Frame C133 3 B
427 B 7ms
6ms Script
application/javascript 2600:9000:223c:7800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 22:42:42 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
age: 34138
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:30:30 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: -g8900HKn-1TQ62X65JjDxnixyCb9uaqYSI8qAlqJcCYfs96pb2_YQ==

GET

check
pixel.tapad.com/idsync/ex/push/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=e_03aecfe7-1110-4152-8f05-f19f3a9e75f1&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=e_03aecfe7-1110-4152-8f05-f19f3a9e75f1&gdpr=1&gdpr_consent=
https://match.adsby.bidtheatre.com/usersync?cb=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F487%2F8%2F2.gif%3Fpuid%3D%7Buid%7D%26gdpr%3D1%26gdpr_consent%3D&gpdr_consent=&gdpr=1
https://id5-sync.com/c/441/487/8/2.gif?puid=ee0ab632-26a7-4069-80d5-cc4fc71fc10d&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOBxgX8u7kgjpOraSdsvhWnLfThoYGL_LR6i8tsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOBxgX8u7kgjpOraSdsvhWnLfThoYGL_LR6i8tsQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fp...
https://id5-sync.com/cq/441/124/7/3.gif?puid=c6dca8de-fce9-4da6-a2bb-63449b18a9f6&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=4b97b8e4-718f-4cab-9847-2b84b408bb5b&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/5/5.gif?puid=3edb2a9eaf0f899d84c85bfa75ddb8fb&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=3edb2a9eaf0f899d84c85bfa75ddb8fb&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F485%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gd...
https://id5-sync.com/c/441/485/4/6.gif?puid=57326283732412471205743738876508231195&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/101/3/7.gif?puid=96fbb58b-3382-478c-bb42-ca4f71e2fecd&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...

0
0

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 120ms
38ms Script
application/javascript 13.226.155.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 15:42:36 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 308377
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: NZJK4ta6BF7uUK_eN-cnFWB6gpx7N_LE9oFn_4Oga_6AvKHt0WrDbA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 71ms
70ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

ed2e3a62be83ddda79eb1312d3da002272b51c438c3e41db9590d8040f213bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "980 / 690 of 1000 / last-modified: 1630707028"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24940
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:22:12 GMT

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
360 B 218ms
138ms Fetch
application/json 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7e7bf11e67a5f6c2f014ee23b4641b0d744ee5f810e57059ae70914ceac36766

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.windowscentral.com
date: Tue, 07 Sep 2021 05:22:12 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 69
x-hw: 1630992132.cds164.fr8.hn,1630992132.cds125.fr8.sc,1630992132.cds125.fr8.p
content-type: application/json

GET
H3-29 200 pubads_impl_2021083101.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
116 KB 54ms
53ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:22:12 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 81 B
104 B 110ms
54ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fc286ad100c4e5e3675e79a3635c1e67622443530e7ae358aecb7c72c86cab2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:22:12 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 1 KB
1 KB 155ms
57ms XHR
application/json 52.19.214.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=923193&slot=%7Bid:bordeaux-preemptive-ad-0,ss:%5B728.90,970.66,970.90,970.250,980.120%5D,p:/10518929/tmnp.WPCentral/article_infinitescroll_haas,t:display%7D&slot=%7Bid:bordeaux-preemptive-ad-1,ss:%5B300.250,300.600,300.1050%5D,p:/10518929/tmnp.WPCentral/article_infinitescroll_haas,t:display%7D&slot=%7Bid:bordeaux-preemptive-ad-2,ss:%5B1.1,728.90,970.90%5D,p:/10518929/tmnp.WPCentral/article_infinitescroll_haas,t:display%7D&slot=%7Bid:bordeaux-preemptive-ad-3,ss:%5B1.1%5D,p:/10518929/tmnp.WPCentral/article_infinitescroll_haas,t:display%7D&slot=%7Bid:bordeaux-preemptive-ad-4,ss:%5B970.250,728.90,970.66,970.90,980.120%5D,p:/10518929/tmnp.WPCentral/article_infinitescroll_haas,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=2307f96a-d94f-b484-bbd9-8bdacb886130&url=https%253A%252F%252Fwww.windowscentral.com%252Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.214.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-214-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: da6e97e612ecd118b3aa6a8f0d73dd574c4c64c9d073c84321536cc9a41d5069

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:12 GMT
x-server-name: app10.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 json Show response
trc.taboola.com/mobilenations1-windowcentral/trc/3/ 17 KB
6 KB 455ms
454ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/trc/3/json?tim=07%3A22%3A13.433&lti=dup_place_2_ctrl&data=%7B%22id%22%3A222%2C%22ii%22%3A%22%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1630573113455%2C%22vi%22%3A1630992133431%2C%22cv%22%3A%2220210831-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A5863%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22ccpa_ps%22%3A%221YYY%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4924%2C%22nsid%22%3A%22mobilenations1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-d%3Apub%3Dmobilenations1-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20article%204x2%22%2C%22orig_uip%22%3A%22Below%20article%204x2%22%2C%22cd%22%3A3847.734375%2C%22mw%22%3A1080%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22dup_place_2_ctrl%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210831-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8d6a813d5b6618c59922a3165fb0102918b7ca7f8e892f78abdb4afd6af55b4

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 421
date: Tue, 07 Sep 2021 05:22:13 GMT
content-encoding: gzip
server: nginx
x-timer: S1630992133.460985,VS0,VE421
x-served-by: cache-fra19137-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 52ms
52ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210831-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 26342
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1630992134.935157,VS0,VE0
date: Tue, 07 Sep 2021 05:22:13 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 55
x-cache-hits: 61189

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1015 B 52ms
52ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210831-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 18399
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19137-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1630992134.935293,VS0,VE0
date: Tue, 07 Sep 2021 05:22:13 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 55
x-cache-hits: 41971

GET
H2 200 tfa-eid.20210831-28-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 51ms
50ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210831-28-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e8477252f95be484cb4870fa2a388257fc02f488bf5da024f6229a261af4b42

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: FEwij8B1whPgYzcgVqc.54pG1t7zPWyX
content-encoding: gzip
etag: "55d010c8eb4244f9293a5f74b90d3927"
age: 47
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5063
x-amz-id-2: kCLklv+ZXG22HbfOYd/PgODeV12UYbNS5eKd4XILG+E7LfKZTqZONEUa63jsOZYpK8C2pfa2h3o=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 02 Sep 2021 13:43:16 GMT
server: AmazonS3
x-timer: S1630992134.935437,VS0,VE0
date: Tue, 07 Sep 2021 05:22:13 GMT
vary: Accept-Encoding
x-amz-request-id: 8ACM0ZT9DQ3NRG2A
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 55
x-cache-hits: 3

GET
H2 200 sha256.20210831-28-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 50ms
50ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210831-28-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46bcbe8294372d8156a636383c3c18815d16604ba26c516ec54fa608af072f52

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Fw31UB_7x7iPrXdf30g2L_daN12RxO5q
content-encoding: gzip
etag: "5817e191e263b37ca8cfb218da0a3abe"
age: 46
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2590
x-amz-id-2: 0ovKbCU1f+POzQ2vEBnkPYKeYxEuf0Z/7mF0+0PqqduNTnwOF2D6BtM32W3vL9dZnLRxGh/W0X0=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 02 Sep 2021 13:43:02 GMT
server: AmazonS3
x-timer: S1630992134.935624,VS0,VE0
date: Tue, 07 Sep 2021 05:22:13 GMT
vary: Accept-Encoding
x-amz-request-id: 8ACS6P2KWZVB1A64
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 55
x-cache-hits: 3

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 27ms
27ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: _dlt=1; h_id=57721C6F064D4970AAA56BBBE96D3F6A; trc_cookie_storage=mobilenations1-windowcentral%253Asession-data%3Dv2_66190014733a20fb77fe4c74cc27b69d_f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85_1630992133_1630992133_CNawjgYQ5I1DGLfa0_W7LyABKAEwOjj5twhAoIoQSImC2QNQxtkMWABgAGj9wYbU7pDul8cBcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522mobilenations1-windowcentral%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Df22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123490
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f84f9412c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

GET
H2 200 userx.20210831-28-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 32ms
32ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210831-28-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8adc61c995ad23e9aaf8ef8d53876416dce35695ac81c7fd96eb44969de564ef

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A3HP.IYQg7gKYCS_mt0_cdzZRctXjOKz
content-encoding: gzip
etag: "26d398c0f25751ff3bf6790734c9f0a5"
age: 86
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5342
x-amz-id-2: yXFZh1km84Lv0ItU8JJ+DxhvtD+qhAjdgPIL7QUaYHTR5ohsUHB9lJb6N1JVGQvSgpjriwtLil8=
x-served-by: cache-fra19137-FRA
last-modified: Thu, 02 Sep 2021 13:43:21 GMT
server: AmazonS3
x-timer: S1630992134.941553,VS0,VE1
date: Tue, 07 Sep 2021 05:22:13 GMT
vary: Accept-Encoding
x-amz-request-id: 2AEGEPY2P3M5JB9Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 55
x-cache-hits: 1

GET
H2 204 social
il-trc-events.taboola.com/mobilenations1-windowcentral/log/3/ 0
231 B 291ms
91ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/mobilenations1-windowcentral/log/3/social?route=AM:IL:V&lti=dup_place_2_ctrl&ri=0f3ec845a14926b5b8fcc178723a5aa1&sd=v2_66190014733a20fb77fe4c74cc27b69d_f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85_1630992133_1630992133_CNawjgYQ5I1DGLfa0_W7LyABKAEwOjj5twhAoIoQSImC2QNQxtkMWABgAGj9wYbU7pDul8cBcAA&ui=f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85&pi=/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data&wi=-8114623762405617188&pt=text&vi=1630992133431&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%27Windows%2011%20Alpha%27%20malware%20attack%20tried%20to%20trick%20people%20out%20of%20financial%20data%22%2C%22sec%22%3A%22News%22%2C%22aut%22%3A%5B%22Sean%20Endicott%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fsites%2Fwpcentral.com%2Ffiles%2Fstyles%2Flarge%2Fpublic%2Ffield%2Fimage%2F2021%2F04%2Fsurface-laptop-4-amd-2021-display.jpg%22%2C%22v%22%3A15%2C%22ui%22%3A%22%22%2C%22ut%22%3A%22%22%2C%22pw%22%3A%22%22%7D%5D%7D&tim=07%3A22%3A13.926&id=7866&llvl=1&cv=20210831-28-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 07 Sep 2021 05:22:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 194 KB
22 KB 839ms
838ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3894403494113683&correlator=1438978660188524&output=ldjh&impl=fifs&eid=31061840%2C31062367%2C31062461%2C31062297&vrg=2021083101&ptt=17&rdp=1&gdpr=1&us_privacy=1YYY&sc=1&sfv=1-0-38&ecs=20210907&iu_parts=10518929%2Ctmnp.WPCentral%2Carticle_infinitescroll_haas&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C970x90%7C970x250%7C980x120%2C300x250%7C300x600%7C300x1050%2C1x1%7C728x90%7C970x90%2C1x1%2C970x250%7C728x90%7C970x66%7C970x90%7C980x120&ists=2&ppid=57721C6F064D4970AAA56BBBE96D3F6A&prev_scp=index_exchange_id%3Dtop-leaderboard%26adUnitName%3Dpre-top-leaderboard-980x250slot%26incremental%3Dno%26refresh%3Dno%26additional%3Dno%26lazyload%3Dno%26id%3D8e6a95ea-0f9b-11ec-8b7a-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%2C70%2C80%7Cindex_exchange_id%3Dtop-rectangle%26adUnitName%3Dpre-top-rectangle-300x1050slot%26incremental%3Dno%26refresh%3Dno%26additional%3Dno%26lazyload%3Dno%26id%3D8e6a95eb-0f9b-11ec-8b7a-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%7Cindex_exchange_id%3Danchored-leaderboard%26adUnitName%3Dpre-anchor-leaderboard-970x90slot%26incremental%3Dno%26refresh%3Dno%26additional%3Dno%26lazyload%3Dno%26id%3D8e6a95ec-0f9b-11ec-8b7a-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%7CadUnitName%3Dpre-NA-Skin-1x1slot%26incremental%3Dno%26refresh%3Dno%26additional%3Dno%26lazyload%3Dno%26id%3D8e6a95ed-0f9b-11ec-8b7a-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%7Cindex_exchange_id%3Dmiddle-leaderboard%26adUnitName%3Dpre-bottom-leaderboard-980x250slot%26incremental%3Dno%26refresh%3Dno%26additional%3Dno%26lazyload%3Dno%26id%3D8e6a95ee-0f9b-11ec-8b7a-0634eb268b40%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60&eri=1&cust_params=site%3Dtmnp.WPCentral.com%26platform%3Dd%26section%3Ddefault%26site_contentid%3Dwp-87480%26category%3Dnews%252Cwindows%26pageid%3D87480%26content_id%3D87480%26tag%3Dwindows-11%26ctype%3DArticle%26stype%3DEdito%26url%3Dhttps%253A%252F%252Fwww.windowscentral.com%252Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%26test%3DB%26screen%3Dlarge%26h_id%3D57721C6F064D4970AAA56BBBE96D3F6A%26requestSource%3DGPT%26partner%3Dy%26experiment%3D242%26kwvt%3Dwindows%252Cnews%252Cwindows_11%26vplid%3DhtDlTybq%26kw%3Dwindows%252Cnews%252Cwindows_11%252Cwp-87480%26bordeauxLayout%3Dnone%26bordeauxFormat%3Dnone%26_plc%3D4%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_1785_KW%252CIAS_2560_KW%252CIAS_7426_KW%252CIAS_7834_KW&cookie_enabled=1&bc=31&abxe=1&lmt=1630992133&dt=1630992133947&dlt=1630992126604&idt=5754&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1040%2C436%2C-12245933%2C315&adys=266%2C1216%2C1110%2C-12245933%2C4658&adks=3035696426%2C2345831650%2C57523502%2C222398562%2C3189708624&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x-1%7C300x-1%7C1600x-1%7C0x0%7C980x-1&msz=728x-1%7C300x-1%7C1600x-1%7C0x0%7C970x-1&ga_vid=707554222.1630992127&ga_sid=1630992134&ga_hid=2118906020&ga_fc=false&fws=644%2C644%2C644%2C132%2C644&ohw=1110%2C1600%2C1600%2C1600%2C1110&btvi=0%7C1%7C0%7C-1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

90b32146e0c29a4214c87cbe61e8ea5be51e86c876d97a53a7ba29b44618d700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22213
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2173 6 KB
3 KB 47ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowscentral.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.windowscentral.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Sep 2021 05:22:14 GMT
expires: Wed, 07 Sep 2022 05:22:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c47701d555fd706bf758fdfd01d2e9e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 23 KB
24 KB 38ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c47701d555fd706bf758fdfd01d2e9e5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 607ebfe90abe2b797070c07e2d26a584f1796ed461e1311dd99faf114b1e6c56

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1918065
edge-cache-tag: 618653503928357698387680537238211073707,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 635
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c47701d555fd706bf758fdfd01d2e9e5.jpg
content-length: 23628
x-request-id: 310a0e5fe99624107f17b6bcdc518a5b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 17 Jul 2021 04:24:55 GMT
server: nginx
x-timer: S1630992134.005647,VS0,VE1
etag: "8ff8cedecbdeb042a7fef4ddb3e6b839"
x-served-by: cache-wdc5533-WDC, cache-dca17727-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 f8b662a4a3625528f3f1cef6e65489ba.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 180ms
179ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8b662a4a3625528f3f1cef6e65489ba.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffa727ea5bc2ce8796b8818ba14cc324b6d04bc955234effabe3605f366fdfe1

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 147
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 533819
edge-cache-tag: 596249787224431680185216532794916017386,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 35
expiration: expiry-date="Wed, 01 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8b662a4a3625528f3f1cef6e65489ba.png
content-length: 5524
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 01 Aug 2021 01:03:06 GMT
server: nginx
x-timer: S1630992134.005961,VS0,VE147
etag: "57be15c5a74595277f2e295f63c9ae84"
x-served-by: cache-wdc5561-WDC, cache-dca17737-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0

GET
H2 200 SEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ 9 KB
10 KB 37ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/SEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 41f0386dc0c34999673c53b78e06aeb0e7887c4d1fea55dfb26044c6179e4ee9

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 427922
edge-cache-tag: 355187867231002135023718601255832474909,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 146
expiration: expiry-date="Sun, 03 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/SEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png
content-length: 9416
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 02 Sep 2021 04:37:24 GMT
server: nginx
x-timer: S1630992134.005795,VS0,VE1
etag: "098a60344ee480dc91edcbb1c19b725d"
x-served-by: cache-wdc5582-WDC, cache-dca17725-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ 13 KB
14 KB 35ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 908a88ac400478303f1485648d7144d1d953bdd25e387c07ae3af981ea1993d5

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 945148
edge-cache-tag: 327428157711562684053937880364683999489,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Mon, 06 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png
content-length: 13440
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Fri, 06 Aug 2021 09:03:19 GMT
server: nginx
x-timer: S1630992134.005509,VS0,VE1
etag: "99dc28ecd1116ad7ef22f4d34facdd95"
x-served-by: cache-wdc5583-WDC, cache-dca17783-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 37ms
36ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3453995
edge-cache-tag: 322089413535885002890087190934422546620,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length: 14134
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 28 Jun 2021 18:04:08 GMT
server: nginx
x-timer: S1630992134.006080,VS0,VE1
etag: "e400b1487d8ac6c17f5173f9033ecf12"
x-served-by: cache-wdc5549-WDC, cache-dca12922-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 48dd5d57-7667-4840-b082-4e7e3d657941.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//umtij.com/content/ 16 KB
17 KB 41ms
41ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//umtij.com/content/48dd5d57-7667-4840-b082-4e7e3d657941.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d1effe53367972c0b312a0fe53f48088fd6cfc07e93c257203df594be0f51b1

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3427796
edge-cache-tag: 328317663229815960297089485874153839642,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//umtij.com/content/48dd5d57-7667-4840-b082-4e7e3d657941.png
content-length: 16546
x-request-id: 808d4e64f20017ea3e6c7c6497fcfd97
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sat, 17 Jul 2021 05:37:32 GMT
server: nginx
x-timer: S1630992134.006275,VS0,VE1
etag: "39f8c2a2fd08be182f75e51f29abe6a4"
x-served-by: cache-wdc5527-WDC, cache-dca17737-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 7eb2f456d4506461099acf6e50872077.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 122ms
121ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7eb2f456d4506461099acf6e50872077.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 738e080489f59d8ed5e6c3a4c5d25c28342718e28aa951af93cbae63d1b27c06

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 762248
edge-cache-tag: 581280944553056503072155417993332408554,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
x-cache: HIT, HIT, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7eb2f456d4506461099acf6e50872077.png
content-length: 14870
x-request-id: 367315abc03dd2988f24d555aa438097
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 13 Aug 2021 21:09:08 GMT
server: nginx
x-timer: S1630992134.039842,VS0,VE89
etag: "9fb42b38d592c5044f24babbf63f7bad"
x-served-by: cache-wdc5545-WDC, cache-dca17749-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0

GET
H2 200 0a505db6265bc664c7ded05a564e0e79.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
19 KB 34ms
34ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a505db6265bc664c7ded05a564e0e79.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71d38d14c093babae9f6e8238a70bce018d448dbaf296e488d59464aaf174387

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 670586
edge-cache-tag: 617281411697590765781567036959710068509,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 363
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a505db6265bc664c7ded05a564e0e79.png
content-length: 18962
x-request-id: b4d97df93783dbd12658b47cce8f4be8
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 10 Aug 2021 13:17:25 GMT
server: nginx
x-timer: S1630992134.042959,VS0,VE1
etag: "81d6267802c1a3fdc76f4f4d1b022b68"
x-served-by: cache-wdc5566-WDC, cache-dca17771-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 204 abtests
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
269 B 89ms
89ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/abtests?route=AM:IL:V&lti=dup_place_2_ctrl&ri=0f3ec845a14926b5b8fcc178723a5aa1&sd=v2_66190014733a20fb77fe4c74cc27b69d_f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85_1630992133_1630992133_CNawjgYQ5I1DGLfa0_W7LyABKAEwOjj5twhAoIoQSImC2QNQxtkMWABgAGj9wYbU7pDul8cBcAA&ui=f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85&pi=/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data&wi=-8114623762405617188&pt=text&vi=1630992133431&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA_Title_Not_Black%22%2C%22type%22%3A%22%22%2C%22eventTime%22%3A1630992133999%7D&tim=07%3A22%3A13.999&id=1355&llvl=1&cv=20210831-28-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 57
pragma: no-cache
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630992134.025920,VS0,VE57
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: _dlt=1; h_id=57721C6F064D4970AAA56BBBE96D3F6A; trc_cookie_storage=mobilenations1-windowcentral%253Asession-data%3Dv2_66190014733a20fb77fe4c74cc27b69d_f22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85_1630992133_1630992133_CNawjgYQ5I1DGLfa0_W7LyABKAEwOjj5twhAoIoQSImC2QNQxtkMWABgAGj9wYbU7pDul8cBcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522mobilenations1-windowcentral%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3Df22992e5-d77d-46dd-9097-35c4f8e52498-tuct8307c85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123491
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f859a432c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c47701d555fd706bf758fdfd01d2e9e5.jpg
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 607ebfe90abe2b797070c07e2d26a584f1796ed461e1311dd99faf114b1e6c56

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 1918065
edge-cache-tag: 618653503928357698387680537238211073707,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 635
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c47701d555fd706bf758fdfd01d2e9e5.jpg
content-length: 23628
x-request-id: 310a0e5fe99624107f17b6bcdc518a5b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 17 Jul 2021 04:24:55 GMT
server: nginx
x-timer: S1630992134.047105,VS0,VE0
etag: "8ff8cedecbdeb042a7fef4ddb3e6b839"
x-served-by: cache-wdc5533-WDC, cache-dca17727-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 908a88ac400478303f1485648d7144d1d953bdd25e387c07ae3af981ea1993d5

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 945148
edge-cache-tag: 327428157711562684053937880364683999489,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Mon, 06 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/952e1ede-ae6b-4f43-887a-cffed74d192e_1000x600_337336718df5ac45f47696fe4e11d302.png
content-length: 13440
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Fri, 06 Aug 2021 09:03:19 GMT
server: nginx
x-timer: S1630992134.047228,VS0,VE0
etag: "99dc28ecd1116ad7ef22f4d34facdd95"
x-served-by: cache-wdc5583-WDC, cache-dca17783-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/SEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 41f0386dc0c34999673c53b78e06aeb0e7887c4d1fea55dfb26044c6179e4ee9

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 427922
edge-cache-tag: 355187867231002135023718601255832474909,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 146
expiration: expiry-date="Sun, 03 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/SEC_cursed_hugo_1000x600_a0edeaea2261028a8a5cd8570dbbaaa8.png
content-length: 9416
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified: Thu, 02 Sep 2021 04:37:24 GMT
server: nginx
x-timer: S1630992134.052457,VS0,VE0
etag: "098a60344ee480dc91edcbb1c19b725d"
x-served-by: cache-wdc5582-WDC, cache-dca17725-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 8e4dd95879be16c55f50e29c8b7071db.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 32ms
32ms Image
image/webp 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3453995
edge-cache-tag: 322089413535885002890087190934422546620,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
expiration: expiry-date="Thu, 29 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8e4dd95879be16c55f50e29c8b7071db.jpg
content-length: 14134
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 28 Jun 2021 18:04:08 GMT
server: nginx
x-timer: S1630992134.077518,VS0,VE0
etag: "e400b1487d8ac6c17f5173f9033ecf12"
x-served-by: cache-wdc5549-WDC, cache-dca12922-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//umtij.com/content/48dd5d57-7667-4840-b082-4e7e3d657941.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d1effe53367972c0b312a0fe53f48088fd6cfc07e93c257203df594be0f51b1

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 3427796
edge-cache-tag: 328317663229815960297089485874153839642,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//umtij.com/content/48dd5d57-7667-4840-b082-4e7e3d657941.png
content-length: 16546
x-request-id: 808d4e64f20017ea3e6c7c6497fcfd97
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sat, 17 Jul 2021 05:37:32 GMT
server: nginx
x-timer: S1630992134.081588,VS0,VE0
etag: "39f8c2a2fd08be182f75e51f29abe6a4"
x-served-by: cache-wdc5527-WDC, cache-dca17737-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a505db6265bc664c7ded05a564e0e79.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71d38d14c093babae9f6e8238a70bce018d448dbaf296e488d59464aaf174387

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 670586
edge-cache-tag: 617281411697590765781567036959710068509,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 363
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a505db6265bc664c7ded05a564e0e79.png
content-length: 18962
x-request-id: b4d97df93783dbd12658b47cce8f4be8
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified: Tue, 10 Aug 2021 13:17:25 GMT
server: nginx
x-timer: S1630992134.085405,VS0,VE0
etag: "81d6267802c1a3fdc76f4f4d1b022b68"
x-served-by: cache-wdc5566-WDC, cache-dca17771-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7eb2f456d4506461099acf6e50872077.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 738e080489f59d8ed5e6c3a4c5d25c28342718e28aa951af93cbae63d1b27c06

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 762248
edge-cache-tag: 581280944553056503072155417993332408554,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 40
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7eb2f456d4506461099acf6e50872077.png
content-length: 14870
x-request-id: 367315abc03dd2988f24d555aa438097
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 13 Aug 2021 21:09:08 GMT
server: nginx
x-timer: S1630992134.167924,VS0,VE0
etag: "9fb42b38d592c5044f24babbf63f7bad"
x-served-by: cache-wdc5545-WDC, cache-dca17749-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8b662a4a3625528f3f1cef6e65489ba.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ffa727ea5bc2ce8796b8818ba14cc324b6d04bc955234effabe3605f366fdfe1

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 07 Sep 2021 05:22:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 533819
edge-cache-tag: 596249787224431680185216532794916017386,458574902931770092503625703561724709750,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 35
expiration: expiry-date="Wed, 01 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_320%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8b662a4a3625528f3f1cef6e65489ba.png
content-length: 5524
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sun, 01 Aug 2021 01:03:06 GMT
server: nginx
x-timer: S1630992134.186492,VS0,VE0
etag: "57be15c5a74595277f2e295f63c9ae84"
x-served-by: cache-wdc5561-WDC, cache-dca17737-DCA, cache-fra19137-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 8C00 188 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:48:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 8C00 13 KB
5 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 8C00 89 KB
28 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 8C00 4 KB
2 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 8C00 40 KB
13 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:34:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:34:55 GMT

GET
DATA 200
OK truncated
/ Frame 8C00 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41ff43eba63e61c2d00c334c71b1aa231fd850361f746e83821d150f5cb4d326

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 653892557362904743
tpc.googlesyndication.com/simgad/ Frame 8C00 26 KB
26 KB 178ms
177ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/653892557362904743?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnV3MudE2Y1ooM06JaZ1aOWTo5bDw

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f195f71325f8d315c43e850c499588d279bb5a2a94c0f5ed51ada48add5842a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Aug 2021 16:56:53 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26474
x-xss-protection: 0
expires: Wed, 07 Sep 2022 05:22:15 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C00 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 06:43:04 GMT
x-content-type-options: nosniff
server: cafe
age: 81550
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Sep 2021 06:43:04 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8C00 295 B
399 B 7ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 20:55:42 GMT
x-content-type-options: nosniff
server: cafe
age: 30392
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Sep 2021 20:55:42 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8C00 0
0 59ms
58ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtkAhBvc2YZjPA4SH7gO_tpvwB9i09fhk2_aly54Oqcrf-5EOEAEg5-WiGGDRgbmC0AegAZmO2eoCyAECqQKWgVNRCO-zPuACAKgDAcgDCKoErAJP0Cixp2EsPzpXwANCHrjw0ZN6zhPoFOcjtCGHBqfIpmyWtzUA3XUMW-3mDw0PKgfd60c8qED_tg4wj4aa0f52GI-zyS8XsUx2RP2rPbfrJXD-fdy41a7D1Aveq9NQ_kNHpSwaUFV6gq_ge49RqqYqPSLMkl366NEvf-I8XMM9k0hzhZdtAkmE0xdx1KXWFD_5p0csb15wgmoBNIirwqalv_5M1V2-ksLJUMlnJnDYl4eWtU7T2axZe5HNBoDOVR8aRRqeHO_Bqsf-BGI-wt1zeCEaqP644bW85YrY6to_svB4eilo7hQClpVds92nXfgFCHO4pxIrvm92HYy8dtz6CkgPYEWaApAhO3ox7IH6TkfqzZllpd2ZJPltlg7KNnpJmb_4Y-64zUPs5-fABOfs_cjOA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfc_KaVAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQn8sP0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTU3ODc1OTI0ODM3NjY3NjAYgccU&sigh=z1B4QmIT5es
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 chronos
ads.servebom.com/ 0
0 135ms
134ms Fetch
text/plain 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/chronos?marks={%22e.bordeaux.config.server%22:5808.300003051758,%22e.bordeaux.ads.requested%22:5827.400001525879,%22auctionStarted%22:5834.800003051758,%22rampStarted%22:5834.800003051758,%22auctionEnded%22:7366.099998474121,%22firstAdsRendered%22:8264.5,%22browser%22:%22chrome%22,%22browserVersion%22:%2292.0.4515%22,%22dateTime%22:1630992134828,%22operatingSystem%22:%22Linux%20x86_64%22,%22connection%22:%224g%22}&l=%20%20%20%20https%3A%2F%2Fwww.windowscentral.com%2Fwindows-11-alpha-malware-attack-tried-trick-people-out-financial-data%3Fp%3D86965%26r%3D64646&ex=|0|
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.windowscentral.com
date: Tue, 07 Sep 2021 05:22:14 GMT
access-control-allow-credentials: true
content-length: 0
x-hw: 1630992134.cds164.fr8.hn,1630992134.cds102.fr8.sc,1630992134.cds102.fr8.p
content-type: text/plain

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame BC7A 188 KB
54 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:48:24 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame BC7A 13 KB
5 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame BC7A 89 KB
28 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame BC7A 4 KB
2 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame BC7A 40 KB
13 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:34:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:34:55 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC7A 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 54172
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:19:22 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC7A 295 B
319 B 16ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 53465
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:31:09 GMT

GET
DATA 200
OK truncated
/ Frame BC7A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5a630095fce2f472d59c533e843fbaa86c64d87b22f051113d202094980a3b0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame EB33 188 KB
54 KB 20ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:48:24 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EB33 13 KB
5 KB 34ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EB33 89 KB
28 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EB33 4 KB
2 KB 34ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EB33 40 KB
13 KB 32ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:34:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:34:55 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB33 2 KB
2 KB 10ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 54172
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:19:22 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB33 295 B
319 B 12ms
12ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 53465
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:31:09 GMT

GET
DATA 200
OK truncated
/ Frame EB33 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ea49a0d240eda65d857f3da885c3f2aba3c731c0070ec4e0ca3108b19d830c4

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame EC5D 188 KB
54 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:48:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:48:24 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EC5D 13 KB
5 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EC5D 89 KB
28 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EC5D 4 KB
2 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 462138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame EC5D 40 KB
13 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 89239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Mon, 06 Sep 2021 04:34:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 04:34:55 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC5D 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 54172
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:19:22 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC5D 295 B
319 B 10ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 53465
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 07 Sep 2021 14:31:09 GMT

GET
DATA 200
OK truncated
/ Frame EC5D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6e7d3fc25e0bb73ae633a39bf6ae8c24b3d54455cb88879c03ee1391ad2a544

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2934662094959926717/ Frame BC7A 10 KB
10 KB 35ms
28ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2934662094959926717/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qk8Nu6lPvqxIsMjlpzf_zrW3LhUeQ

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68f309cb44f7562a78cb296adad3797356558caf29679fb6fd5b0574db96b9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 10:10:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
expires: Wed, 07 Sep 2022 05:22:14 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4487156462089110791/ Frame BC7A 22 KB
22 KB 19ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4487156462089110791/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmKpXqUGAES8H0AeVqHVmGgzp30Eg

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a4493982890029bf09da90f31d3ae72b007bfcd3259098f7d93673331455a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 07:34:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 10:10:42 GMT
server: sffe
age: 164877
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22967
x-xss-protection: 0
expires: Mon, 05 Sep 2022 07:34:17 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC7A 0
0 62ms
56ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7PruBvc2YZnPA4SH7gO_tpvwB6vOnNljwPitjKEOyPDN7qsJEAEg5-WiGGDRgbmC0AegAcrg2qYByAEGqQI99lFeRHKFPuACAKgDAcgDCqoEtQJP0K2IDmlakKjLM1bGh042h2kHxkpRQ6X3G87ozpUneqVxwRXtL02aZxCwHuy06CQL1F5qEymFNrc-cEXygH47z3yyFVCccMEbVGP8orhrV35nCDX9S4UyyXmtfQLhNvrCkXkSmOYldR4GPRO23jBDfurR6c7btVFS-z2KsyFuDDlvRVCsEqZRH-tG9nHpPYj-Ny_SedN1ulxZ8f-IVEUt2gKMfcx-4L2PuxUyjG3G9c_EwvsBOxERT5NIdHMReDXpMBCHjk8NBaz7p4hYBHnfiMGQlV1SvE53tB5EbpjQNCWTfsXH0ojyE2AiXAy_avA8zk4-7PhZ_aDeUIdnWNe69C5ZGxLPUAa10a5Of-2eqgKDdXLkwrEGm7LlSTjuO50kwtmWFtjE61LZvV5PYjtF_9YoNBvABMGD5JvXA-AEAaAGN4AHnp-l2QKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEOHsFdIICQiI4YBwEAEYHYAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi01Nzg3NTkyNDgzNzY2NzYwGIHHFA&sigh=Uag1DBwHxUM&template_id=492
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame BC7A 0
0 32ms
26ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJ5wE_n5Qi6PbNTOZ_V4fYifXfCQ3W8L1LyPkMP0r-e3RohB_5lSnLVUkdwkGjIcG5ddqV
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6064444420188501247/ Frame EB33 6 KB
6 KB 33ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6064444420188501247/downsize_200k_v1?sqp=4sqPyQSUAUKRAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhgIpgEQVxgBIAEtAAAAPzCoAThXRQAAgD8&rs=AOga4qlnxKavBy7qIpsu8INRUSuxn3mmng

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2398cf4c047a0adb27b53f7ed28de2dfcb6b93d8cd8caa30c8a891d17947a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 09:25:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5779
x-xss-protection: 0
expires: Wed, 07 Sep 2022 05:22:14 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9273827415398539453/ Frame EB33 17 KB
17 KB 21ms
14ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9273827415398539453/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qnTxS63LpFCsjsLYKJOYdUIYo1EuQ

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e757618946ae7ce63c64d0acaffbdc1904457a60ec68759f684d77a6bbac81f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:20:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Jun 2021 08:51:06 GMT
server: sffe
age: 50522
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
expires: Tue, 06 Sep 2022 15:20:12 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EB33 0
0 62ms
55ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChtJbBvc2YZrPA4SH7gO_tpvwB8fK7uNj06eXirQO2tkeEAEg5-WiGGDRgbmC0AegAcK-ws4DyAEG4AIAqAMByAMKqgSuAk_QeNk9SPQLxhR7w5BUMs4dfZp-phzik-i1nuCkbeF7fn1vrLmQ1rwXNKrCG1dDecQb93GvxUzTtIpgVHa8N0HjQ3vUB9Wk680ibx_u7ULvMXkrBaa4xs5z2vOuoF9xD10IRJbbVbRUodOuV17dqQ6VhSoA060w7utt2rw6n6G29iih-DLr2Fc_q9D7hPUXgLofLBgb_sbjFEo4jtvz8ZweVV8nRLWUtaIigpRfsV19iPwcL-RJy-ykR4czD4tYHWbYOrCY_u0yF5Xam1XEuMJWkWbdVzdQgeAqXPQ-PiUNdVFTTyvepUyt50M07ZxpVhgVHxoXv9YsjqXsj1--7gusmyUQbp4bVNnmRVTLPUlEojQsBaGNeiF8HWrIRiY6O1ob9n08f5Zb-rgpaawPwAT4s8nE2gPgBAGSBQQIBBgBkgUECAUYBKAGN4AHpsG9MagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwQQs9MK0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTU3ODc1OTI0ODM3NjY3NjAYgccU&sigh=xpV3Pw3YpGc&template_id=492
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 17693647013845003099
tpc.googlesyndication.com/simgad/ Frame EC5D 32 KB
32 KB 13ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17693647013845003099?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnbimRwDb4FVBdAMslOTyNqmKA0Xw

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0f2951fdfddd44e9803e424843d9ab187f32651aa0b374e6fd99f791d15f68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 15:28:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Apr 2020 12:38:16 GMT
server: sffe
age: 50015
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33153
x-xss-protection: 0
expires: Tue, 06 Sep 2022 15:28:39 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame EC5D 0
0 30ms
22ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt9_cDkCqPCAjDXsozyGLylmQouUPuOhv-a9P-iZgUPUo_zgCoBT2XngPzLekrYth4SjGA
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC5D 0
0 65ms
57ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYhjtBvc2YZzPA4SH7gO_tpvwB9Lq_PNk2KWHhPENpOfy7ZUCEAEg5-WiGGDRgbmC0AegAZOZ1pUDyAECqQKEa1U-iD23PuACAKgDAcgDCKoEsQJP0OY9loPTMBM42hVEu6oXVCWxUCTqA-c22SuPhCQYLy0-F4X1bkh-7I-xlsRn--g4hL9BQQGciMqfP_9Oe0pMU5WICFKsaFIcq7t0J2CFRly1FeciIBSmYhPC8TdYIxPiW5fNNieL3la-EvEQPkJ06pjQNFH2qI3Fct10YC_ofmcBZWenc1CVBtgSG6eLj0_XwXn9z8pmxNr7H-t6ftcNkdEDuKiD3MQ8tB3-hRMmXBIKQzaQylqIpS1-lAs6WWNcj5gDh9UPiba0uDY3mERDGMdoBNOYDViqo1iq-dSzXOK-UDVt2_4dJokAEyAWY9DRbwCXN3NYCKDqeHjcqCjsHOw8Dhx_udZc9yv4UccXUipe6lta41-rubc8myuv5_-KO-GsBE8Gxfgny3V44DiUEMAEnL2N19QD4AQBkgUECAQYAZIFBAgFGASgBgKAB9XmqWqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEENPFCNIICQiI4YBwEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi01Nzg3NTkyNDgzNzY2NzYwGIHHFA&sigh=9CcuT85bsxs
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021083101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc127a72140487ebb3b37e5eeddd020505bee8f0223ddb41c340c570c7b57bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Sep 2021 05:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8578
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 07 Sep 2021 05:22:14 GMT

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 17ms
17ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: __gads=ID=65002ccdd67579ea-22dc6a63f8c800b5:T=1630992134:S=ALNI_MaHE_LrpDJfxmOv4ilUDzCAb7Ki4A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123491
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f8b6ac72c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8C00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Sep 2021 05:22:14 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BC7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

22ms
21ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Sep 2021 05:22:14 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H2 204 bulk Show response
trc.taboola.com/mobilenations1-windowcentral/log/3/ 0
310 B 94ms
94ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/mobilenations1-windowcentral/log/3/bulk?route=AM%3AIL%3AV&lti=dup_place_2_ctrl&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210831-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 60
pragma: no-cache
date: Tue, 07 Sep 2021 05:22:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630992135.001132,VS0,VE60
x-served-by: cache-fra19137-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EB33
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Sep 2021 05:22:15 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame EC5D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Sep 2021 05:22:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
706 B 32ms
31ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 20652
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by: cache-fra19137-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1630992135.063823,VS0,VE0
date: Tue, 07 Sep 2021 05:22:15 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 55
x-cache-hits: 2689

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D3B7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowscentral.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.windowscentral.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 07 Sep 2021 04:32:53 GMT
expires: Wed, 07 Sep 2022 04:32:53 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2962
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9727 783 B
533 B 16ms
15ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

061705a6dc85aff2b36d9d943a2364a39ed73c537e9f04aeae30a3a226558985

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gTy9EIFohQyhf4oKHtdmgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.windowscentral.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.windowscentral.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Sep 2021 05:22:15 GMT
date: Tue, 07 Sep 2021 05:22:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gTy9EIFohQyhf4oKHtdmgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 18ms
18ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: __gads=ID=65002ccdd67579ea-22dc6a63f8c800b5:T=1630992134:S=ALNI_MaHE_LrpDJfxmOv4ilUDzCAb7Ki4A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123492
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f8c3bde2c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame D3B7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 05:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 05:01:25 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021083101&jk=3894403494113683&bg=!OTqlOn7NAAYJpm41CaY7ACkAdvg8WkcwLLS6-ZbC2zTD53OebaaQxG2aF4ZYyhZjctPIbiFcEoLiSAIAAABlUgAAAAxoAQcKAEBSs5xgF5M3g816yUYW2v7dGXZXBT6lg2CNiEQwOa9P1VN39-gcRxaGaX1j00gtyupkOoEhT5rOE3n-WB2DXhb7mQKCGtW3mVmG0AP7lqDJhip3shgkXbhUFzvuHtuUCiofwrMiBFTS8yHWeqRai05DD5_A5rzE1LBOZhEMU_rx_pG4AoFizwMHXKzZqUqptz9gg2BIWRI53ir2i6ULkap2OFzsDJSD8Wvx-eNgA-VeVZ2tX5LEJfizod09x0pe6p3fp-Sy2P5rQa65xuA1uOLdOoH5AI4u3LB9WHeTsPDNpx9Gg6VZo6PgWtZs3nlLJZc5PEojgh8mjX6izxw3CJLnzTse5ySJaS1xZsbHe-LnRnC-w4rqDnzvdR3bHFCTWejvb7pa_AZQB9M3t-NSHQe2XI2Sky6VcOMiRJrAo6Ed8tHFvMmev9PJUHaaSTh_V60IB-TijBdBEIWbl7L3o_Uzn2cX-S4mzFtiUrBXWYqfVtJ_hvzdyJtCR87eMeebnzVFluMs3b_phOeBaOj3v8juEGzv2zOQMMSum-p4bJ3CqWL0X7lSMOtnrwqOx7aNT65nI4oRMhKDoLzYt8vHwdl0qNzVPLlzTcRt8_DZkPMHH4l-Q0jTFfK_ZQZ-e4Vsm99K_ePQm792obz1PN8BJsBx9uuHh5lvbK3Bs66JUECiyRADf6yMBAL20QYYn7_DlcO6XNQTtV3kes692RytJFgcvkzUAwBJK7z_Re7KdF1-lOrqIu0rF8KVrRPR2M2iqsyl5iSIOKJgjOC6jPlvcVfUT-8mxRPuuygpFq3uueNPTKIKjWn4Aa8YYRr2RTEc5nSU1E8tUtgtywOpe7wyeDOejNasmYcBSDV156Z1Mw9zvA7r-frDjP8SKxq756JdaEFrrlrVb-3ZfJdw9k6Y9474UmMjOIDCC3dRPD6Qky_oxAQ78MM8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 16ms
16ms Image
image/svg+xml 2606:4700::6812:bc37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bc37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

:path: /sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
pragma: no-cache
cookie: __gads=ID=65002ccdd67579ea-22dc6a63f8c800b5:T=1630992134:S=ALNI_MaHE_LrpDJfxmOv4ilUDzCAb7Ki4A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.windowscentral.com
referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 05:22:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 Aug 2021 18:51:31 GMT
server: cloudflare
age: 1123492
etag: W/"611c0533-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 68ad7f8dae042c56-FRA
expires: Sat, 25 Sep 2021 05:17:23 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8C00 42 B
176 B 16ms
16ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE855ygg6Cba7NNgwC1OJlHYvSWY-Vlp-oM8uc8nh_pDjw-f-uUTVlh-xlT9F3G90XO1GPChkVP8BToZ6b35t8Q-jI7zGOYD4e5CTCCy4KbWEdxIWA3jt-_B3hXQ&sai=AMfl-YTlqRkFvafLmkGgIjFyB9-zjoQ13p34XWt1tCXTSMBQ4cTNO8_9UlQ1--_I21Z9Qr-J_qzDsH_uK_7QRGbdPM8eS-TwekMzZwbPOXeCzbhSGaCycACWgUT_Hn91FaWC4FGW3XQK4wJCI9AXvPN90aE&sig=Cg0ArKJSzFkHkP08DQc8EAE&cid=CAASPeRoaODfdaE7igMCiLmAHfMealRio9v_z9p2aJiFVa_QUE8ALrJTGutqUiN8DxPznW3mA4tkGiIkQvwyEZs&id=ampim&o=315,174&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=172&tls=1172&g=100&h=100&tt=1172&r=v&avms=ampa&adk=3035696426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EB33 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoyB2qAEr3JxC2QXdZ7X6qt6jBYej-h1-PD0yxGAD6IrqSLiefP9EAEe2sPHbG-dIHXfcKX8FQyHhJ6aS9MKRZFhLsDa9gcBA9yXQjAzNYTO2uDakztntFTqST-w&sai=AMfl-YSS0cubJ1F09UbQsULhWlOwqcTcBRKOEf9CvnymoyrujdMjRA0KjdbGSuk7fBwOTL_lYYurwIwDQ6lRWXY70B_pmxr6EBKeEAeyIfMfcKcIT4IiXirGo53yGPrMWGDO6TeMm8Fm66iho9_FhIuWXJ8&sig=Cg0ArKJSzDHiBnehN0idEAE&cid=CAASPeRoQ0l9sBbUszKv1TbEc__0ubtI8XJFs94hAQcfW_Xf52AGYWMAkPTGvfUUdYcLmjJQwtoECE_w4dYgQds&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=160&tls=1160&g=100&h=100&tt=1160&r=v&avms=ampa&adk=57523502

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Sep 2021 05:22:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.tapad.com
URL: https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.windowscentral.com/	1970-01-19 21:03:13	Name: _tb_sess_r Value:
.windowscentral.com/	1970-01-20 06:32:36	Name: _parsely_visitor Value: {%22id%22:%22pid=0a5e678f4caa40df4d271032709c9f0f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1630992127076}
.windowscentral.com/	1970-01-19 21:03:12	Name: _gat_global Value: 1
www.windowscentral.com/	1970-01-19 21:03:13	Name: _tb_t_ppg Value: https%3A//www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
.windowscentral.com/	1970-01-19 21:03:12	Name: _gat Value: 1
.windowscentral.com/	1970-01-19 21:03:13	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data%22%2C%22sref%22:%22%22%2C%22sts%22:1630992127076%2C%22slts%22:0}
.windowscentral.com/	1970-01-19 21:04:38	Name: _gid Value: GA1.2.104715719.1630992127
.windowscentral.com/	1969-12-31 23:59:59	Name: _dlt Value: 1
.windowscentral.com/	1970-01-20 14:34:24	Name: _ga Value: GA1.2.707554222.1630992127
www.windowscentral.com/	1969-12-31 23:59:59	Name: has_js Value: 1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://quantcast.mgr.consensu.org/tcfv2/28/cmp2.js?referer=www.windowscentral.com(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://bordeaux.futurecdn.net/bordeaux.js(Line 1) Message: %c BORDEAUX background: #800020; color: #ffffff Error ignored because of sample rate
console-api	error	URL: https://bordeaux.futurecdn.net/bordeaux.js(Line 1) Message: %c BORDEAUX background: #800020; color: #ffffff Error: CMP __tcfapi timeout after 5000ms
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'mapping1' of undefined
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461(Line 6) Message: [GPT] Exception in googletag.cmd function: TypeError: Cannot read property 'mapping1' of undefined.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'mapping2' of undefined
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461(Line 6) Message: [GPT] Exception in googletag.cmd function: TypeError: Cannot read property 'mapping2' of undefined.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021083101.js?31062461(Line 6) Message: [GPT] Invalid arguments: PubAdsService.refresh([]).
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.windowscentral.com/windows-11-alpha-malware-attack-tried-trick-people-out-financial-data

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.servebom.com
adservice.google.com
adservice.google.dk
bcp.crwdcntrl.net
bordeaux.futurecdn.net
btloader.com
c094ed766426ca937c17df73db7df9f7.safeframe.googlesyndication.com
c2.taboola.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.parsely.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
futureplc-com.videoplayerhub.com
g2.gumgum.com
googleads.g.doubleclick.net
id5-sync.com
il-trc-events.taboola.com
images.taboola.com
js.gumgum.com
match.adsrvr.org
ml314.com
p.cpx.to
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.tapad.com
quantcast.mgr.consensu.org
rules.quantcount.com
sb.scorecardresearch.com
search-api.fie.futurecdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trc.taboola.com
uk-script.dotmetrics.net
unpkg.com
use.typekit.net
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.windowscentral.com
pixel.tapad.com
104.111.215.191
13.226.155.79
13.226.155.92
13.226.155.99
13.32.121.72
142.250.74.194
151.101.13.181
151.101.13.44
151.101.14.49
151.101.194.114
151.139.128.11
172.217.18.98
18.203.163.22
18.66.100.58
18.66.112.8
18.66.92.94
185.106.33.48
185.29.132.241
2001:678:cb4:bbbb::13
2600:9000:2182:3200:9:46dc:4700:93a1
2600:9000:223c:7800:6:44e3:f8c0:93a1
2606:4700:20::681a:78b
2606:4700:3039::6815:c076
2606:4700::6810:7aaf
2606:4700::6812:bc37
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9b
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.194.161.83
34.247.104.176
34.251.173.19
52.19.214.88
52.209.129.133
52.210.129.48
54.36.109.46
63.32.159.255
76.223.111.131
91.228.74.134
004baae7fe756e4777406e6492096e7304762dfbae57611af2f754004dbbe942
00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586
061705a6dc85aff2b36d9d943a2364a39ed73c537e9f04aeae30a3a226558985
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21db3ee5cbd8888a36b551b69e6396fe2273800685b97b747670e8b32e879a
109367238429c8fc53a824c10ea641b995d4d126422b626019ded05a3fc5a854
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff
146efe90cd5a3bcee5cb557ff9606487035ba967150c77b59285570b0bf21609
1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b
1d1effe53367972c0b312a0fe53f48088fd6cfc07e93c257203df594be0f51b1
1e8477252f95be484cb4870fa2a388257fc02f488bf5da024f6229a261af4b42
29507fd3a172d0d54a23c53defa95fe78dbf477c5577b7b789abc2946c8a40d8
298b1806d3ad5fab73f204849b99705f9603b9cf8c72aedb465ace41dbf2017f
2abf1d709b47d09b963e37eba1a35516972c4208157636616ea86c6aa4c112e3
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3a4493982890029bf09da90f31d3ae72b007bfcd3259098f7d93673331455a37
41f0386dc0c34999673c53b78e06aeb0e7887c4d1fea55dfb26044c6179e4ee9
41ff43eba63e61c2d00c334c71b1aa231fd850361f746e83821d150f5cb4d326
45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd
46bcbe8294372d8156a636383c3c18815d16604ba26c516ec54fa608af072f52
47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544
577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44
5d51c2d2d99d5c71f61c1efd7842744538b05035ff8b302a390be25a675fc225
607ebfe90abe2b797070c07e2d26a584f1796ed461e1311dd99faf114b1e6c56
61cbfd2458df8acc437630b09ce25338e1932e62e2b9b9521e9edcb95dd97897
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68f309cb44f7562a78cb296adad3797356558caf29679fb6fd5b0574db96b9d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c805697ad6f0dd589a50e0d0b1f418182dad8e63c725e4f4425099257d2fd9a
6ea49a0d240eda65d857f3da885c3f2aba3c731c0070ec4e0ca3108b19d830c4
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
71d38d14c093babae9f6e8238a70bce018d448dbaf296e488d59464aaf174387
738e080489f59d8ed5e6c3a4c5d25c28342718e28aa951af93cbae63d1b27c06
7dbacd8208f06d94bb2b4926f5cb690d6787477a4c3cf2fbdbf03298ddb35553
7e7bf11e67a5f6c2f014ee23b4641b0d744ee5f810e57059ae70914ceac36766
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8036e893559287b0a9982f4476fc16208c7b98a0b0b73622085a1d7a35a62270
821bdc4f69b0d71c8ee65e9e97c232e0a127004991b92133da9019dbe8f90047
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862701d910657705bbcd1389ac37bf20c5c8ab442d523ed74ecc0c9fe09afaee
86d463797a8c78b68c4618ed44cd03547ae3de7f2e829c58d5fbf238817b167a
8adc61c995ad23e9aaf8ef8d53876416dce35695ac81c7fd96eb44969de564ef
8c9f7955140dd85450788bfefe25d37024c6053118b2a32f34da1f056ece46c8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438
908a88ac400478303f1485648d7144d1d953bdd25e387c07ae3af981ea1993d5
90b32146e0c29a4214c87cbe61e8ea5be51e86c876d97a53a7ba29b44618d700
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b110fd3d5570e27a9bc9d1258cdc1a5e4a06446705a0decea050096a4524ffe1
b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0
b2ae56b1a6ca3e19dfe524fe5342627b179685a6fd231851d0fc41ea0b50bf68
b67b8d53ea5dfecb7b2c1cf5949fe4616d1924a75dfa49c35bf186bea939b747
bdd869f6a879f7d0910bb077f5c54d165a50a5371170917e6d5b8f5a375c0da3
c0f2951fdfddd44e9803e424843d9ab187f32651aa0b374e6fd99f791d15f68a
c6e7d3fc25e0bb73ae633a39bf6ae8c24b3d54455cb88879c03ee1391ad2a544
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc3ccc08cee3c5f01aad5ee24e233bf8102a71429bfba20c034bce6bd994db2c
cd1dd3418dafb945dd763359592bc9b22ea7fdf98493544426cd1b1d1d018714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2398cf4c047a0adb27b53f7ed28de2dfcb6b93d8cd8caa30c8a891d17947a02
d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c
d5a630095fce2f472d59c533e843fbaa86c64d87b22f051113d202094980a3b0
da04dec0e58764cce0b002e6242ff5a6c91e06b1bf6a1b361e15a321479b057a
da6e97e612ecd118b3aa6a8f0d73dd574c4c64c9d073c84321536cc9a41d5069
dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c
dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b
e048256aeff711c2ac9e3f00ce50fc47da3274019af3d150460e97684b9eb8cc
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e213b53477c260dcbf4d7b3589bd28678f1df9acbca53f712e1b3884af32c5b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d6a2a6117e7951f736672bcdf62eaee4d7de1a1aadcb80df2aaee4be9c2cdc
e4285b2f44b7d0ef6c15a67f3c51c3633807e8708fc90f0043ac5863e3dad690
e66d93bb563a106e7b4f14a4b2720d56be32aa46d2164919768c099a2d6ae153
e757618946ae7ce63c64d0acaffbdc1904457a60ec68759f684d77a6bbac81f9
e8d6a813d5b6618c59922a3165fb0102918b7ca7f8e892f78abdb4afd6af55b4
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ed2e3a62be83ddda79eb1312d3da002272b51c438c3e41db9590d8040f213bc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f195f71325f8d315c43e850c499588d279bb5a2a94c0f5ed51ada48add5842a7
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f55d6329951a0fc9abde82911fca744e59159c18a0173e2df2a8a8449d0ce1f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6e3bc7d17b69308c0be06ad1f9ae2e807151ebbd062a5518440acf2814e339e
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fc127a72140487ebb3b37e5eeddd020505bee8f0223ddb41c340c570c7b57bd7
fc286ad100c4e5e3675e79a3635c1e67622443530e7ae358aecb7c72c86cab2e
fdbd254cd82af2c162090853c566be73bdcf67820ecce9eab5af763a4deb35e7
fe002bfd96db43e429278542c81094406f1a9ace230fe9cd6e39ed103314e945
ffa727ea5bc2ce8796b8818ba14cc324b6d04bc955234effabe3605f366fdfe1

www.windowscentral.com Open in urlscan Pro 2606:4700::6812:bc37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

99 %HTTPS

46 %IPv6

39 Domains

55 Subdomains

46 IPs

7 Countries

2114 kBTransfer

6266 kBSize

10 Cookies

48 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bc37 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

99 %
HTTPS

46 %
IPv6

39
Domains

55
Subdomains

46
IPs

7
Countries

2114 kB
Transfer

6266 kB
Size

10
Cookies

170 HTTP transactions
4 data transactions