Submitted URL: http://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html
Effective URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Submission: On April 23 via api from US

Summary

This website contacted 72 IPs in 7 countries across 51 domains to perform 250 HTTP transactions. The main IP is 151.101.114.165, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.pcworld.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on April 19th 2020. Valid for: a year.
This is the only time www.pcworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 76 151.101.114.165 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
1 13.225.73.32 16509 (AMAZON-02)
5 23.213.165.44 16625 (AKAMAI-AS)
5 95.100.67.47 16625 (AKAMAI-AS)
1 23.213.165.125 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
5 52.58.47.46 16509 (AMAZON-02)
5 172.217.21.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
2 18.194.103.60 16509 (AMAZON-02)
10 23.213.165.149 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.204.232.56 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 93.184.220.66 15133 (EDGECAST)
2 151.101.12.157 54113 (FASTLY)
1 13.225.73.44 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
10 23.213.170.21 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.110 54113 (FASTLY)
7 52.201.97.1 14618 (AMAZON-AES)
1 13.225.73.2 16509 (AMAZON-02)
1 64.202.112.95 22075 (AS-OUTBRAIN)
8 34.234.137.236 14618 (AMAZON-AES)
1 151.139.128.11 20446 (HIGHWINDS3)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2 35.190.59.101 15169 (GOOGLE)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
1 54.229.6.20 16509 (AMAZON-02)
1 35.190.40.172 15169 (GOOGLE)
2 13.225.73.125 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.2 54113 (FASTLY)
2 13.225.73.59 16509 (AMAZON-02)
3 64.74.236.95 22075 (AS-OUTBRAIN)
1 151.101.14.2 54113 (FASTLY)
3 70.42.32.95 22075 (AS-OUTBRAIN)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 69.16.175.10 20446 (HIGHWINDS3)
1 54.225.177.131 14618 (AMAZON-AES)
1 4 52.57.10.175 16509 (AMAZON-02)
1 3.125.56.182 16509 (AMAZON-02)
2 2 185.94.180.128 35220 (SPOTX-AMS)
2 23.213.164.117 16625 (AKAMAI-AS)
2 159.180.84.2 33047 (INSTART)
1 2 185.94.180.126 35220 (SPOTX-AMS)
4 185.94.180.124 35220 (SPOTX-AMS)
1 54.85.243.28 14618 (AMAZON-AES)
5 34.95.120.147 15169 (GOOGLE)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
2 34.201.75.104 14618 (AMAZON-AES)
1 54.86.154.26 14618 (AMAZON-AES)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2 2600:1f18:612... 14618 (AMAZON-AES)
1 23.213.164.238 16625 (AKAMAI-AS)
5 23.213.169.115 16625 (AKAMAI-AS)
2 4 23.5.97.37 16625 (AKAMAI-AS)
1 23.210.248.12 16625 (AKAMAI-AS)
8 151.101.14.217 54113 (FASTLY)
1 54.81.183.211 14618 (AMAZON-AES)
3 52.6.68.76 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
250 72
Apex Domain
Subdomains
Transfer
57 pcworld.com
www.pcworld.com
cmp.pcworld.com
502 KB
18 outbrain.com
widgets.outbrain.com
odb.outbrain.com
mcdp-chidc2.outbrain.com
libs.outbrain.com
mv.outbrain.com
videoclientsservicescalls.outbrain.com
eventlog.outbrain.com
250 KB
13 idgesg.net
alt.idgesg.net
images.idgesg.net
112 KB
12 connatix.com
cdn.connatix.com
cdns.connatix.com
ck.connatix.com
core.connatix.com
i.connatix.com
v.connatix.com
trk.connatix.com
376 KB
11 outbrainimg.com
tcheck.outbrainimg.com
log.outbrainimg.com
images.outbrainimg.com
116 KB
11 staticworld.net
idge.staticworld.net
csmb.staticworld.net
22 KB
9 vidazoo.com
static.vidazoo.com
server4.vidazoo.com
inventory.vidazoo.com
bis.vidazoo.com
273 KB
9 intellitxt.com
k.intellitxt.com
images.intellitxt.com
216 KB
8 skimresources.com
s.skimresources.com
t.skimresources.com
p.skimresources.com
r.skimresources.com
18 KB
8 postrelease.com
jadserve.postrelease.com
5 KB
7 3lift.com
ib.3lift.com
eb2.3lift.com
tlx.3lift.com
71 KB
6 teads.tv
a.teads.tv
t.teads.tv
sync.teads.tv
143 KB
6 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
6 KB
5 aniview.com
player.aniview.com
track1.aniview.com
observe.aniview.com
107 KB
5 openx.net
outbrain-d.openx.net
u.openx.net
1 KB
5 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
11 KB
5 doubleclick.net
securepubads.g.doubleclick.net
165 KB
5 typekit.net
use.typekit.net
p.typekit.net
54 KB
4 googleapis.com
imasdk.googleapis.com
90 KB
4 scorecardresearch.com
sb.scorecardresearch.com
3 KB
4 tremorhub.com
q017o-wfv89.ads.tremorhub.com
q017o-ootbn.ads.tremorhub.com
3 KB
4 google.com
www.google.com
adservice.google.com
ampcid.google.com
1 KB
3 casalemedia.com
as-sec.casalemedia.com
3 KB
3 google-analytics.com
www.google-analytics.com
19 KB
3 consensu.org
sourcepoint.mgr.consensu.org
api.skimlinks.mgr.consensu.org
3 KB
2 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
116 B
2 digitru.st
cdn.digitru.st
14 KB
2 spotxcdn.com
aka.spotxcdn.com
311 KB
2 spotx.tv
js.spotx.tv
1 KB
2 dwin2.com
www.dwin2.com
111 KB
2 google.de
ampcid.google.de
adservice.google.de
290 B
2 ads-twitter.com
static.ads-twitter.com
4 KB
2 googletagmanager.com
www.googletagmanager.com
81 KB
2 indexww.com
js-sec.indexww.com
37 KB
2 sp-prod.net
ccpa.sp-prod.net
ccpa-service.sp-prod.net
20 KB
1 2mdn.net
s0.2mdn.net
11 KB
1 googletagservices.com
www.googletagservices.com
14 KB
1 adsrvr.org
match.adsrvr.org
542 B
1 criteo.net
static.criteo.net
30 KB
1 webflow.com
uploads-ssl.webflow.com
1 KB
1 soundcloud.com
w.soundcloud.com
3 KB
1 twitter.com
platform.twitter.com
321 B
1 google.nl
adservice.google.nl
839 B
1 gstatic.com
www.gstatic.com
121 KB
1 permutive.com
cdn.permutive.com
143 KB
1 subscribers.com
cdn.subscribers.com
11 KB
1 ntv.io
s.ntv.io
90 KB
1 cloudfront.net
d2zv5rkii46miq.cloudfront.net
2 KB
0 advertising.com Failed
ads.adaptv.advertising.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 adsafeprotected.com Failed
cdn.adsafeprotected.com Failed
250 51
Domain Requested by
52 www.pcworld.com 3 redirects www.pcworld.com
11 images.idgesg.net www.pcworld.com
9 images.outbrainimg.com www.pcworld.com
9 widgets.outbrain.com www.pcworld.com
widgets.outbrain.com
libs.outbrain.com
8 jadserve.postrelease.com s.ntv.io
www.pcworld.com
7 k.intellitxt.com www.googletagmanager.com
www.pcworld.com
k.intellitxt.com
images.intellitxt.com
6 static.vidazoo.com libs.outbrain.com
static.vidazoo.com
www.pcworld.com
6 idge.staticworld.net www.pcworld.com
5 csmb.staticworld.net www.pcworld.com
5 securepubads.g.doubleclick.net www.pcworld.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 cmp.pcworld.com www.pcworld.com
ccpa.sp-prod.net
4 imasdk.googleapis.com cdns.connatix.com
imasdk.googleapis.com
4 v.connatix.com
4 sb.scorecardresearch.com 2 redirects www.pcworld.com
4 search.spotxchange.com aka.spotxcdn.com
player.aniview.com
4 eb2.3lift.com 1 redirects www.pcworld.com
ib.3lift.com
4 use.typekit.net www.pcworld.com
3 trk.connatix.com
3 a.teads.tv libs.outbrain.com
a.teads.tv
3 outbrain-d.openx.net static.vidazoo.com
player.aniview.com
3 as-sec.casalemedia.com static.vidazoo.com
player.aniview.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 mcdp-chidc2.outbrain.com widgets.outbrain.com
3 t.skimresources.com www.pcworld.com
s.skimresources.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.pcworld.com
2 t.teads.tv www.pcworld.com
2 q017o-ootbn.ads.tremorhub.com 1 redirects www.pcworld.com
2 q017o-wfv89.ads.tremorhub.com 1 redirects www.pcworld.com
2 track1.aniview.com www.pcworld.com
2 player.aniview.com libs.outbrain.com
player.aniview.com
2 u.openx.net static.vidazoo.com
player.aniview.com
2 sync.search.spotxchange.com 1 redirects www.pcworld.com
2 cdn.digitru.st aka.spotxcdn.com
cdn.digitru.st
2 aka.spotxcdn.com www.pcworld.com
2 js.spotx.tv 2 redirects
2 eventlog.outbrain.com widgets.outbrain.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.pcworld.com
2 images.intellitxt.com k.intellitxt.com
images.intellitxt.com
2 ib.3lift.com www.pcworld.com
ib.3lift.com
2 r.skimresources.com 1 redirects www.pcworld.com
2 p.skimresources.com www.pcworld.com
2 www.dwin2.com www.googletagmanager.com
www.dwin2.com
2 static.ads-twitter.com www.pcworld.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 sourcepoint.mgr.consensu.org www.pcworld.com
2 www.googletagmanager.com www.pcworld.com
www.googletagmanager.com
2 alt.idgesg.net www.pcworld.com
2 js-sec.indexww.com www.pcworld.com
static.vidazoo.com
1 s0.2mdn.net imasdk.googleapis.com
1 i.connatix.com
1 core.connatix.com cdns.connatix.com
1 ck.connatix.com cdns.connatix.com
1 cdns.connatix.com cdn.connatix.com
1 cdn.connatix.com www.pcworld.com
1 sync.teads.tv a.teads.tv
1 ads.pubmatic.com player.aniview.com
1 hbopenbid.pubmatic.com player.aniview.com
1 observe.aniview.com player.aniview.com
1 bis.vidazoo.com static.vidazoo.com
1 inventory.vidazoo.com www.pcworld.com
1 tlx.3lift.com ib.3lift.com
1 server4.vidazoo.com static.vidazoo.com
1 videoclientsservicescalls.outbrain.com libs.outbrain.com
1 mv.outbrain.com widgets.outbrain.com
1 libs.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com www.pcworld.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 match.adsrvr.org js-sec.indexww.com
1 static.criteo.net js-sec.indexww.com
1 s.skimresources.com www.googletagmanager.com
1 log.outbrainimg.com widgets.outbrain.com
1 uploads-ssl.webflow.com www.pcworld.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 w.soundcloud.com www.googletagmanager.com
1 platform.twitter.com 1 redirects
1 adservice.google.nl securepubads.g.doubleclick.net
1 ccpa-service.sp-prod.net ccpa.sp-prod.net
1 www.gstatic.com www.google.com
1 cdn.permutive.com www.pcworld.com
1 p.typekit.net www.pcworld.com
1 cdn.subscribers.com www.pcworld.com
1 www.google.com www.pcworld.com
1 s.ntv.io www.pcworld.com
1 ccpa.sp-prod.net www.pcworld.com
1 d2zv5rkii46miq.cloudfront.net www.pcworld.com
0 ads.adaptv.advertising.com Failed static.vidazoo.com
0 api.rlcdn.com Failed js-sec.indexww.com
0 cdn.adsafeprotected.com Failed www.pcworld.com
250 92
Subject Issuer Validity Valid
idg.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-19 -
2021-04-20
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.sp-prod.net
Let's Encrypt Authority X3
2020-02-22 -
2020-05-22
3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA
2019-11-18 -
2021-02-16
a year crt.sh
www.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.subscribers.com
Go Daddy Secure Certificate Authority - G2
2018-09-04 -
2020-06-26
2 years crt.sh
cmp.idg.tv
Let's Encrypt Authority X3
2020-02-26 -
2020-05-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
ssl974613.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-29 -
2020-08-06
6 months crt.sh
sourcepoint.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2020-03-30 -
2021-06-03
a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA
2020-03-09 -
2021-06-08
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.google.nl
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.google.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year crt.sh
*.soundcloud.com
GlobalSign Domain Validation CA - SHA256 - G2
2018-04-12 -
2020-06-08
2 years crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1
2020-03-26 -
2021-06-25
a year crt.sh
*.google.de
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-23 -
2021-03-18
a year crt.sh
*.intellitxt.com
SSL.com DV CA
2018-11-06 -
2020-11-05
2 years crt.sh
uploads-ssl.webflow.com
Amazon
2019-11-24 -
2020-12-24
a year crt.sh
*.postrelease.com
Amazon
2020-02-28 -
2021-03-28
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2018-09-13 -
2020-10-07
2 years crt.sh
*.criteo.net
DigiCert ECC Secure Server CA
2020-03-30 -
2020-06-28
3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
api.skimlinks.mgr.consensu.org
DigiCert SHA2 Secure Server CA
2019-10-04 -
2021-10-07
2 years crt.sh
*.3lift.com
Amazon
2019-07-10 -
2020-08-10
a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-22 -
2021-04-23
a year crt.sh
images.intellitxt.com
Amazon
2019-12-06 -
2021-01-06
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-04-01 -
2020-06-24
3 months crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA
2019-03-20 -
2021-04-03
2 years crt.sh
cdn.spotxcdn.com
GeoTrust RSA CA 2018
2019-04-24 -
2020-05-23
a year crt.sh
cdn.digitru.st
Sectigo RSA Organization Validation Secure Server CA
2019-05-09 -
2021-05-08
2 years crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2019-03-20 -
2021-04-21
2 years crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2019-03-18 -
2021-03-17
2 years crt.sh
vidazoo-bi-bidder.vidazoo.com
Let's Encrypt Authority X3
2020-03-17 -
2020-06-15
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2018-01-04 -
2020-07-09
3 years crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2020-01-22 -
2021-04-22
a year crt.sh
*.tremorhub.com
Amazon
2019-08-22 -
2020-09-22
a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
teads.tv
Let's Encrypt Authority X3
2020-04-15 -
2020-07-14
3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2019-12-16 -
2020-12-25
a year crt.sh
j3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-23 -
2021-04-20
a year crt.sh
*.connatix.com
Amazon
2019-10-19 -
2020-11-19
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-04-07 -
2020-06-30
3 months crt.sh

This page contains 20 frames:

Primary Page: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Frame ID: 249E3EAAF5643C313CC187C14F7A8AD2
Requests: 205 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 807EE615AB630D51BC2029E29912340A
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08063051724409576
Frame ID: 6DBAD0248B0E513CA56FD922A3DBF553
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B3E5949CB721B654789E9BAAC25333F3
Requests: 9 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: F743F2BC752A45068600D867284309D3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5F6D1A4C60ECD5C6D1A9C5CBE69A7B51
Requests: 1 HTTP requests in this frame

Frame: https://tlx.3lift.com/web/auction?inv_code=tan_PCWorld_MOAP&referrer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&rev=ace1b2d&fe=0&ft=0&cb=8751539860
Frame ID: D159FCD912561D7AB8D904CBEE346F18
Requests: 1 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Frame ID: 089DF6EBE80E3636721AE0EEB7154D53
Requests: 4 HTTP requests in this frame

Frame: https://cdn.digitru.st/prod/1.5.41/dt.html
Frame ID: 1D80AD3B9351220D3BE53248DF8E648B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: 7DE03612049AEA6885FB30434DA53245
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4C5379CFA71E66EA5EA801D94F7BFBC8
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Frame ID: DB0CD52D9FCB1A06ED8B9F71C6D73ACD
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 527A20FD8A8693B9D8953641FC76AFBD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D5DF0C9971437AEDA7538378038B4F17
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=118265&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:231}&fromFormat=true&env=js-web&vid=270d4c2c-4bc6-4414-a0f9-b3c9212ba8e8&1587679469030
Frame ID: B2E1984E011E4CCE2BB4E1C1DA0ED879
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=51695&ld=1
Frame ID: 0C2F54F9DA8AF3AF8587954D1948222E
Requests: 1 HTTP requests in this frame

Frame: https://cdns.connatix.com/p/1944/min/connatix.renderer.infeed.min_dc.js
Frame ID: 6D069EC2C39CFE38DF02A26B70C5E4BB
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Frame ID: 3E13F3576CFF42E0003A91EA19F71BA6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Frame ID: C794992C0B50414B5E888DA0716F66DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Frame ID: 0EB298A9A0F7CD133E927BE10AEA8FB0
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html HTTP 301
    https://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html HTTP 301
    https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

250
Requests

98 %
HTTPS

27 %
IPv6

51
Domains

92
Subdomains

72
IPs

7
Countries

3570 kB
Transfer

13009 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html HTTP 301
    https://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html HTTP 301
    https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 109
  • https://www.pcworld.com/article/162240/ HTTP 301
  • https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Request Chain 121
  • https://r.skimresources.com/api/ HTTP 307
  • https://r.skimresources.com/api/?xguid=01E6MH3FXFYMAZ2YXBG7WVC40Q&persistence=1&checksum=b96270991b70c744f6e448488710ab73c28e28fec1c5106312797cc27bbd8555
Request Chain 191
  • https://js.spotx.tv/directsdk/v1/265228.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Request Chain 192
  • https://js.spotx.tv/directsdk/v1/263588.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Request Chain 196
  • https://sync.search.spotxchange.com/partner?source=dados HTTP 302
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=5a61ac91-85ae-11ea-8253-1860f0711c06
Request Chain 215
  • https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467632 HTTP 302
  • https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467632&_tur=T
Request Chain 220
  • https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467636 HTTP 302
  • https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467636&_tur=T
Request Chain 232
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=60763124&cs_ucfr= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=60763124&cs_ucfr=
Request Chain 234
  • https://eb2.3lift.com/sync?max=10&cb=51695 HTTP 302
  • https://eb2.3lift.com/sync?max=10&cb=51695&ld=1
Request Chain 251
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=3886000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_1111894&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1587679475607&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=AMD%20B550%20motherboards%20and%203rd-gen%20Ryzen%203%20CPUs%2C%20finding%20old%20PC%20hardware%20%7C%20The%20Full%20Nerd%20ep.%20136&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c8=&c9=&cs_ucfr=0 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=3886000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_1111894&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1587679475607&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=AMD%20B550%20motherboards%20and%203rd-gen%20Ryzen%203%20CPUs%2C%20finding%20old%20PC%20hardware%20%7C%20The%20Full%20Nerd%20ep.%20136&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c8=&c9=&cs_ucfr=0

250 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request the_gh0st_rat_in_the_machine.html
www.pcworld.com/article/162240/
Redirect Chain
  • http://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html
  • https://www.pcworld.com/article/162240/th.._gh0st_rat_in_the_machine.html
  • https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
119 KB
33 KB
Document
General
Full URL
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4e160895472e0f3fe95c9910034eb6a67fc96c6ce3b612a92232e4194b425074

Request headers

:method
GET
:authority
www.pcworld.com
:scheme
https
:path
/article/162240/the_gh0st_rat_in_the_machine.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
Apache-Coyote/1.1
content-type
text/html;charset=UTF-8
content-encoding
gzip
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Thu, 23 Apr 2020 22:04:03 GMT
age
74
x-served-by
cache-sjc10025-SJC, cache-hhn4059-HHN
x-cache
MISS, HIT
x-cache-hits
0, 1
x-timer
S1587679444.907348,VS0,VE1
vary
Accept-Encoding,Cookie
x-via-fastly
Verdad
content-length
33887

Redirect headers

status
301
server
Apache-Coyote/1.1
location
/article/162240/the_gh0st_rat_in_the_machine.html
content-encoding
gzip
content-type
text/html; charset=UTF-8
via
1.1 varnish 1.1 varnish
accept-ranges
bytes
date
Thu, 23 Apr 2020 22:04:03 GMT
age
76
x-served-by
cache-sjc10031-SJC, cache-hhn4059-HHN
x-cache
MISS, HIT
x-cache-hits
0, 1
x-timer
S1587679444.877219,VS0,VE1
vary
Accept-Encoding,Cookie
x-via-fastly
Verdad
content-length
25
jquery-1.10.2.min.js
www.pcworld.com/www/js/jquery/
91 KB
32 KB
Script
General
Full URL
https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b52e06f854795718703ef9723b47a9a23edcbe2ae53ff261926d8d6059056cfe

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
470330
x-cache
HIT, HIT
status
200
x-cache-hits
242, 12
content-length
32794
x-via-fastly
Verdad
x-served-by
cache-sjc10051-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:30 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951148,VS0,VE0
etag
W/"93639-1587062850000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 21:25:05 GMT
jquery_cookie.js
www.pcworld.com/www/js/jquery/
2 KB
1 KB
Script
General
Full URL
https://www.pcworld.com/www/js/jquery/jquery_cookie.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
02d2940a00290f3a9e4955de7821626688c0cacde8c97c762838e6b40ab22926

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
101946
x-cache
HIT, HIT
status
200
x-cache-hits
57, 13
content-length
908
x-via-fastly
Verdad
x-served-by
cache-sjc10030-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:29:50 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977792,VS0,VE0
etag
W/"1946-1587493790000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 29 Apr 2020 03:44:55 GMT
apollo-locales.js
www.pcworld.com/www/js/
4 KB
2 KB
Script
General
Full URL
https://www.pcworld.com/www/js/apollo-locales.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8d8685788fb9f068527bb37b61f70a685dc17e3f86475c35f8b6719e068db491

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
67476
x-cache
HIT, HIT
status
200
x-cache-hits
87, 11
content-length
1430
x-via-fastly
Verdad
x-served-by
cache-sjc10049-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:29:38 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977708,VS0,VE0
etag
W/"3919-1587493778000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 03:19:28 GMT
cmp_shim.js
d2zv5rkii46miq.cloudfront.net/0/latest/
4 KB
2 KB
Script
General
Full URL
https://d2zv5rkii46miq.cloudfront.net/0/latest/cmp_shim.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:3600:17:5578:e080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 21:49:08 GMT
content-encoding
gzip
last-modified
Wed, 27 Nov 2019 22:52:51 GMT
server
AmazonS3
age
1162
etag
"1de86d90311bcd5ee000f2f732b294a9"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
1698
via
1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
x-amz-cf-id
U7imNLe9Pc2xxgg6eVPTAeYlsfIQzqBTOBi7CE6k1F7YDtgbkEDcvg==
messaging.js
www.pcworld.com/www/js/
321 KB
69 KB
Script
General
Full URL
https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e54f6a66c7e17b593d4bb6ec76157a4b1aa638cb4b25411dcd336dbe69a4f72f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
527191
x-cache
HIT, HIT
status
200
x-cache-hits
148, 11
content-length
70831
x-via-fastly
Verdad
x-served-by
cache-sjc10051-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:36 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977700,VS0,VE0
etag
W/"329065-1587062856000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 05:37:30 GMT
ccpa.js
ccpa.sp-prod.net/
50 KB
17 KB
Script
General
Full URL
https://ccpa.sp-prod.net/ccpa.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-32.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cc04c56dfa36de6a55397e43b6df5b30b1db863d59c2b1feee9f903559e63f9

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:02:23 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 14:53:51 GMT
server
AmazonS3
age
102
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
yedQAd8rcB0A_0snD7eYOijqpv40ps0ZnNqt0Dnd68xsTNTJw38ckw==
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
init_device.js
www.pcworld.com/www/js/
585 B
567 B
Script
General
Full URL
https://www.pcworld.com/www/js/init_device.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4f4ed0e81c2f0016d06ae816dd872edc04e97612c9d36f2f3f4475f2954e7fcc

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
520655
x-cache
HIT, HIT
status
200
x-cache-hits
175, 11
content-length
304
x-via-fastly
Verdad
x-served-by
cache-sjc10021-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:28 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977693,VS0,VE0
etag
W/"585-1587062848000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 07:26:27 GMT
iasPET.1.js
cdn.adsafeprotected.com/
0
0

183980-214854100715128.js
js-sec.indexww.com/ht/p/
128 KB
37 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/183980-214854100715128.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
529406b62faebc10b88ac3556e600efa3318b85aba083bdc453c5521907b73e0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2020 22:00:18 GMT
Server
Apache
ETag
"904662-1ffd0-5a3fc5fcff7ca"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
37761
Expires
Thu, 23 Apr 2020 23:04:04 GMT
gpt_includes.js
www.pcworld.com/www/js/ads/
18 KB
5 KB
Script
General
Full URL
https://www.pcworld.com/www/js/ads/gpt_includes.js?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
c71b723f8b3ffd2865e43fd72f9cf7cb9665b6aedca5dc88c8d328814be023da

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
5153
x-via-fastly
Verdad
x-served-by
cache-sjc10032-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:53:20 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977771,VS0,VE0
etag
W/"18643-1587671600000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
thm_pre.js
www.pcworld.com/www.idgcsmb/js/
29 KB
5 KB
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/thm_pre.js?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a15f05f190041cbc96dd8ce19c1b343b6c53c2de0d746c3f9577b18944d4b200

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
2, 2
content-length
5158
x-via-fastly
Verdad
x-served-by
cache-sjc10024-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:34 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977657,VS0,VE0
etag
W/"29258-1587671314000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
gpt_starter.js
www.pcworld.com/www/js/ads/
330 B
411 B
Script
General
Full URL
https://www.pcworld.com/www/js/ads/gpt_starter.js?1234
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ad20d2d42fcbd58ad9c50a6e53db21bf4425be6f8237a41f109c2717c30b4067

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
99857
x-cache
HIT, HIT
status
200
x-cache-hits
30, 7
content-length
238
x-via-fastly
Verdad
x-served-by
cache-sjc10031-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:29:28 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977591,VS0,VE0
etag
W/"330-1587493768000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 29 Apr 2020 04:19:43 GMT
ias_gpt_launcher.js
www.pcworld.com/www/js/ads/
1 KB
869 B
Script
General
Full URL
https://www.pcworld.com/www/js/ads/ias_gpt_launcher.js?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ab54e63098ff1a191073bf312d7fc5cf09ff09f96d5c9b2b9372cb9dfbd632f1

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
2, 2
content-length
610
x-via-fastly
Verdad
x-served-by
cache-sjc10020-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:53:22 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977572,VS0,VE0
etag
W/"1363-1587671602000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
ehr0jod.css
use.typekit.net/
3 KB
928 B
Stylesheet
General
Full URL
https://use.typekit.net/ehr0jod.css
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b91ab9dfda75da71ef2d179b7f3e2898803f9dacbc913675c762e10128d4d979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200
date
Thu, 23 Apr 2020 22:04:04 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
728
inline-header-mobile.css
www.pcworld.com/www.idgcsmb/css/
36 KB
8 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/inline-header-mobile.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
994275551d8a3b66aa3ec609f99d7cb2b7edaf393e125748c7f8ddf064ae115a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7268
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
8134
x-via-fastly
Verdad
x-served-by
cache-sjc10048-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:49:00 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.950988,VS0,VE0
etag
W/"36877-1587671340000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
inline-header.css
www.pcworld.com/www.idgcsmb.pcw/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/inline-header.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6bca657f0f40273c51e479f6d8b775b466c5c7f7db8a35ff3deef165dbbacabf

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7268
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
1612
x-via-fastly
Verdad
x-served-by
cache-sjc10051-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:48 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951003,VS0,VE0
etag
W/"8338-1587671328000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
colorbox.css
www.pcworld.com/www.idgcsmb/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/colorbox.css
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
352a6ff912307bde526ad72be4d0df4f331352cbae0fb9cf842e99cf72a88895

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
521137
x-cache
HIT, HIT
status
200
x-cache-hits
212, 12
content-length
1002
x-via-fastly
Verdad
x-served-by
cache-sjc10030-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:42:48 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951179,VS0,VE0
etag
W/"3839-1587062568000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 07:18:05 GMT
global-layout.css
www.pcworld.com/www.idgcsmb/css/
152 KB
27 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/global-layout.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
94a12c39ffced5acc0455cf0932bb6f191bb52fa7bf929cecdc23238080a9df0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
2, 2
content-length
27797
x-via-fastly
Verdad
x-served-by
cache-sjc10024-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:58 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951181,VS0,VE0
etag
W/"156030-1587671338000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
global-layout.css
www.pcworld.com/www.idgcsmb.pcw/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/global-layout.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
df19d8c2376b5e16d9ffcc02c844b361823b8ac98e74b4edc056275f81c7df21

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
2, 2
content-length
2095
x-via-fastly
Verdad
x-served-by
cache-sjc10041-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951348,VS0,VE0
etag
W/"10286-1587671326000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
global-colors.css
www.pcworld.com/www.idgcsmb/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/global-colors.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2cee233aacdc8334419da29513183ca776a588e8b533b19bc7f7430ca704e526

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
2700
x-via-fastly
Verdad
x-served-by
cache-sjc10032-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:58 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951341,VS0,VE0
etag
W/"15385-1587671338000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
global-colors.css
www.pcworld.com/www.idgcsmb.pcw/css/
2 KB
805 B
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/global-colors.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f54c116d5b5cb7af0fd2221ed7fa0d09f80e4bfdcda62c3f56cea772b730e648

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
2, 2
content-length
657
x-via-fastly
Verdad
x-served-by
cache-sjc10020-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.951327,VS0,VE0
etag
W/"2168-1587671326000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
global-typography.css
www.pcworld.com/www.idgcsmb/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/global-typography.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5e91451bafe3d79b6875643fec5b6b198b4e4b9a0e38fe8ea02dd8e0f3b51cf8

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
5802
x-via-fastly
Verdad
x-served-by
cache-sjc10029-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:58 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.952557,VS0,VE0
etag
W/"26328-1587671338000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
global-typography.css
www.pcworld.com/www.idgcsmb.pcw/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/global-typography.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e2d685ea9d70a27737acb497a3411485a89eb2cde0a9d0b1139e0ce8f7b9dbd8

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7265
x-cache
HIT, HIT
status
200
x-cache-hits
3, 2
content-length
1971
x-via-fastly
Verdad
x-served-by
cache-sjc10032-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.952547,VS0,VE0
etag
W/"9243-1587671326000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:58 GMT
article.css
www.pcworld.com/www/css/
231 KB
34 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www/css/article.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a8df0678076b92038596e4a3b1c8a9d230275e4dbe72ae9ccd4ed99eed08ade0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
2, 1
content-length
34197
x-via-fastly
Verdad
x-served-by
cache-sjc10035-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:51:10 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977806,VS0,VE1
etag
W/"236520-1587671470000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
article.css
www.pcworld.com/www.idgcsmb.pcw/css/
24 KB
4 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/article.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
522e2ab4cfe5b160a1c90ee0d581f0d26abaad30a17e1f2bdc79255052838000

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
3, 1
content-length
4249
x-via-fastly
Verdad
x-served-by
cache-sjc10020-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977786,VS0,VE1
etag
W/"24907-1587671326000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
video.player.css
www.pcworld.com/www.idgcsmb/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/video.player.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4e67d8c11d78864f56c57e41f8d64bdf0238b881625f19022132fa2d35a1ef81

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
7268
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
1745
x-via-fastly
Verdad
x-served-by
cache-sjc10020-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:49:04 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977815,VS0,VE0
etag
W/"6610-1587671344000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
helpers.css
www.pcworld.com/www.idgcsmb/css/
1 KB
847 B
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/helpers.css
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
564e924253c465a9722ebbad7fc25124530009d191a17ea1c224d3dba7268add

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
319770
x-cache
HIT, HIT
status
200
x-cache-hits
332, 12
content-length
575
x-via-fastly
Verdad
x-served-by
cache-sjc10045-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:42:52 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977823,VS0,VE0
etag
W/"1232-1587062572000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 26 Apr 2020 15:14:29 GMT
ad.js
www.pcworld.com/www/js/ads/
19 B
243 B
Script
General
Full URL
https://www.pcworld.com/www/js/ads/ad.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:03 GMT
content-encoding
gzip
age
23668
x-cache
HIT, HIT
status
200
x-cache-hits
2, 10
content-length
39
x-via-fastly
Verdad
x-served-by
cache-sjc10038-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:29:26 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.977557,VS0,VE0
etag
W/"19-1587493766000"
vary
Cookie, Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 15:29:35 GMT
load.js
s.ntv.io/serve/
305 KB
90 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.125 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-125.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d3c27508b822c29325cf36b9652384f7719a580df35733a9d146f45289c95dc

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:04 GMT
Content-Encoding
gzip
x-amz-request-id
637D68985D629EE6
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
X20T7SHpNrZzwV1okMRwJrPtu/DGH900ujSx/qsehhBYHSEBkgMEyLA7qWkVJk55vz5JSY/6JZc=
Last-Modified
Mon, 13 Apr 2020 21:34:03 GMT
Server
AmazonS3
ETag
"d529d1bf80b60546cc0441ae6f1ad9a2"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
api.js
www.google.com/recaptcha/
674 B
546 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
445
x-xss-protection
1; mode=block
expires
Thu, 23 Apr 2020 22:04:04 GMT
footer-subscribe-mag-pcw.png
alt.idgesg.net/images/furniture/pcworld/
27 KB
28 KB
Image
General
Full URL
https://alt.idgesg.net/images/furniture/pcworld/footer-subscribe-mag-pcw.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87bffeae13a5cc3b427d1b837fe42ce466905791de34c137c92a3d71d848a99f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
ibvTehqXw8I812.G4Y3y6YBA.hRH7f9K
via
1.1 varnish, 1.1 varnish
etag
"052e6e3e8fb330591dd673a131576b4a"
age
2122029
x-cache
HIT, HIT
status
200
content-length
28148
x-amz-id-2
xW+eWnyTVL6XfqzZEjby/ga6QtYCha8/fq3b+1LykRD/g2ZDl0TLhfdAP1B9av+BjcKZVKTfAM8=
x-served-by
cache-jfk8151-JFK, cache-hhn4059-HHN
last-modified
Wed, 23 Oct 2019 22:45:19 GMT
server
AmazonS3
x-timer
S1587679444.275877,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
A36105127DCB8EEB
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 9
date-time-moments.js
www.pcworld.com/www/js/
121 KB
32 KB
Script
General
Full URL
https://www.pcworld.com/www/js/date-time-moments.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5156e9286b87b1e03f6151c2bb29ad54d2b9da4df874a23c742a0693bdc209a1

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
66825
x-cache
HIT, HIT
status
200
x-cache-hits
26, 12
content-length
32323
x-via-fastly
Verdad
x-served-by
cache-sjc10020-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:29:40 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.069018,VS0,VE0
etag
W/"123832-1587493780000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 03:30:19 GMT
facebook.svg
idge.staticworld.net/images/
817 B
1 KB
Image
General
Full URL
https://idge.staticworld.net/images/facebook.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
676aa6d4090a54ea6893484095f55c80659fb8538db100cdb8ce1dc82bab42b8

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
z0fEqr9qBUOYVzkAEhE7W.44xxx.2BcQ
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"e54119fb283fa31d7980c946d19e701f"
age
4663
x-cache
HIT, HIT, HIT
status
200
content-length
817
x-amz-id-2
U1Mae+oKmDAUwdcq2XoUBLuYYsbR53IgfWTh3gqF7O0NyCxEem/dkEq93NoRL6t3omVCINS1ycM=
x-served-by
cache-jfk8122-JFK, cache-lga21982-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:09 GMT
server
AmazonS3
x-timer
S1587679446.757602,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
EE0F0BBCB7A282E3
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
1, 3, 6
twitter.svg
idge.staticworld.net/images/
1 KB
1 KB
Image
General
Full URL
https://idge.staticworld.net/images/twitter.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
464e7cde418a559c5035942d1ab154d5d906f378f256a0dd39848d197df6180d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
mIV1aQJqOkkgyHLgPXYdWBvfLAAcgw1y
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"5c2cee17abf8296b156fa142e69516df"
age
4079
x-cache
HIT, HIT, HIT
status
200
content-length
1128
x-amz-id-2
uTtmsMYfc1Q1n6eWr6+b9PTmJDyo6u2yBUQEibby6l2FrwZb/hGkeizd6kz2cjLhrF6d4w9J04U=
x-served-by
cache-jfk8140-JFK, cache-lga21937-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:11 GMT
server
AmazonS3
x-timer
S1587679446.757619,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
BFAC1F86FFF6F28E
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
4, 23, 6
linkedin.svg
idge.staticworld.net/images/
786 B
1 KB
Image
General
Full URL
https://idge.staticworld.net/images/linkedin.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03643efcf63e8fbfe6571cd0f1a4ce49f8575a7bee74f2e9fd7fab344e474e48

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
dIfJAJb7rR9o.DnrV3iep_mz2NuSUCHZ
via
1.1 varnish, 1.1 varnish
etag
"b828f13d2d6015e831f675f1ca0c1908"
age
2566
x-cache
HIT, HIT
status
200
content-length
786
x-amz-id-2
oy9rYpowmTmYi2aAXwdD3pCtBfr+ZpBTfatrEKKP1YnAWQJcJiqGMa9SKadVHCNbaBEK7VqlrCQ=
x-served-by
cache-jfk8150-JFK, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:10 GMT
server
AmazonS3
x-timer
S1587679446.757643,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
698EBF3214F3DF7F
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
8, 5
reddit.svg
idge.staticworld.net/images/
2 KB
2 KB
Image
General
Full URL
https://idge.staticworld.net/images/reddit.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47c749c888c850505d68f2745651928d8aec9a6802d6a8b20869fa114af92277

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
X1o6g.mfoioyv5Lswf3F9n.2ID0CCWF9
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"8159d85ae759a8d251edb65b4dcd285d"
age
2032
x-cache
HIT, HIT, HIT
status
200
content-length
1556
x-amz-id-2
DGsKZrrnALU3z5jwOlnClRd3XNZbzn0aaesXxau92bgkhepB1HvzbLFdvXsIH0ADTPpvzUw10pY=
x-served-by
cache-jfk8151-JFK, cache-lga21936-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:10 GMT
server
AmazonS3
x-timer
S1587679446.757539,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
7BD513E1C3D27790
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
5, 1, 9
mail.svg
idge.staticworld.net/images/
631 B
900 B
Image
General
Full URL
https://idge.staticworld.net/images/mail.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83d86c9e7359ed844c0e7682abcd5cdb65222d421c61156f17791ac6c2650274

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
W1fLolU3CaghgVscFveqAiphPY036Sqp
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"c8fc97e05e008a042825f64ee7d414d1"
age
2832
x-cache
HIT, HIT, HIT
status
200
content-length
631
x-amz-id-2
IQEEeTQ3GSNKfcMtcJXUat7iKcJIHvSItm5pe8PgHV5ZVx9nJ6tG229TqCUYf+MtVPyUkX8XCGU=
x-served-by
cache-jfk8139-JFK, cache-lga21959-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:10 GMT
server
AmazonS3
x-timer
S1587679446.757648,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
D2C94640A17A6D7A
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
2, 7, 6
print.svg
idge.staticworld.net/images/
782 B
1 KB
Image
General
Full URL
https://idge.staticworld.net/images/print.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b197985c0bef8bc365381bd16e15dccf184eb33d0abf0afdb4f567da2000fb2

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
.7Gmo7QCRJqJTxCocIfBynAqOGj25mL.
via
1.1 varnish, 1.1 varnish
etag
"a9f65e3b5eddc5c537118a146a3333c7"
age
3191
x-cache
HIT, HIT
status
200
content-length
782
x-amz-id-2
iYV0wAMIr5IsYiKZMyPs6yIB4seyBqwLf6/xpXo4whpqk+5h+kJEJq/t/7fP0BKj/T1vkvg+sHQ=
x-served-by
cache-lga21930-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:10:10 GMT
server
AmazonS3
x-timer
S1587679446.757517,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:05 GMT
x-amz-request-id
4A23D1E22B5F53D7
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
9, 5
deal-modules.js
www.pcworld.com/www/js/
783 B
519 B
Script
General
Full URL
https://www.pcworld.com/www/js/deal-modules.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cdf2700459ab474c9e19ccf7a3b9c6044a6cf2f2ff7bb0e1ab7bde2304409c87

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
368905
x-cache
HIT, HIT
status
200
x-cache-hits
47, 10
content-length
345
x-via-fastly
Verdad
x-served-by
cache-sjc10027-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:26 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.070509,VS0,VE0
etag
W/"783-1587062846000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 26 Apr 2020 01:35:27 GMT
embedder-jwp.js
www.pcworld.com/www/js/video/
2 KB
839 B
Script
General
Full URL
https://www.pcworld.com/www/js/video/embedder-jwp.js?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f0b97fc49950832323730d508911fa12bd098eca0670ccb3a18ada5af3a34699

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
17, 1
content-length
640
x-via-fastly
Verdad
x-served-by
cache-sjc10049-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:53:58 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.096395,VS0,VE1
etag
W/"1760-1587671638000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
jquery.lazyload-ad.js
www.pcworld.com/www/js/ads/
10 KB
3 KB
Script
General
Full URL
https://www.pcworld.com/www/js/ads/jquery.lazyload-ad.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4e6b5fc328bac95eec2e30afa8a58224c9accc6d70daf0e864d75c4c6d07fe94

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
470211
x-cache
HIT, HIT
status
200
x-cache-hits
27, 10
content-length
3088
x-via-fastly
Verdad
x-served-by
cache-sjc10041-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:16 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.116062,VS0,VE0
etag
W/"9912-1587062836000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 21:27:08 GMT
tso-links.css
www.pcworld.com/www.idgcsmb/css/
991 B
622 B
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/tso-links.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b42412a0e2fd452601f89dc9119e8dc4c563d204e6a54ba2f91e7c046f9de3a4

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
3, 2
content-length
473
x-via-fastly
Verdad
x-served-by
cache-sjc10038-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:49:04 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.134409,VS0,VE0
etag
W/"991-1587671344000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
footer.css
www.pcworld.com/www.idgcsmb/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/footer.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
21b3d2dc8e0d9e70821e7647ace3fb0a50fd046fb92d48873c5dbab4a30e6826

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
1954
x-via-fastly
Verdad
x-served-by
cache-sjc10049-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:56 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136214,VS0,VE0
etag
W/"7573-1587671336000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:56 GMT
footer.css
www.pcworld.com/www.idgcsmb.pcw/css/
501 B
487 B
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb.pcw/css/footer.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
0dd04ee5d897a00eb69286a8c9cf09aab8fe27343108ac530d61e0a0821f268d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7388
x-cache
HIT, HIT
status
200
x-cache-hits
1, 2
content-length
309
x-via-fastly
Verdad
x-served-by
cache-sjc10039-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:48:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136209,VS0,VE0
etag
W/"501-1587671326000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
logo-footer-white.png
alt.idgesg.net/images/logos/
2 KB
3 KB
Image
General
Full URL
https://alt.idgesg.net/images/logos/logo-footer-white.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
537d7a2ee55484fcb24cea45dd4593d1f478d83545b0399616af969a69c88c41

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
edGv5yqk7j95QLH6YobDRVsDJWVAgek8
via
1.1 varnish, 1.1 varnish
etag
"503ef0c72f7205129e4048cf0aea6fe9"
age
503575
x-amz-meta-origin-date-iso8601
2018-07-16T13:16:57.000Z
x-cache
HIT, HIT
status
200
content-length
2259
x-amz-id-2
mV2nRmEY4tpr/o/Afjy/yxOAPou6XvMFfe0MpvMJ+s1fjQEEL09M2uwAT/uyf2z4M6BCuRMX1Yc=
x-served-by
cache-jfk8132-JFK, cache-hhn4059-HHN
last-modified
Mon, 16 Jul 2018 13:17:37 GMT
server
AmazonS3
x-timer
S1587679444.275884,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
7889FB8FB472D52C
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 12
stickyLb.js
www.pcworld.com/www/js/ads/
4 KB
1 KB
Script
General
Full URL
https://www.pcworld.com/www/js/ads/stickyLb.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f6bbd3540733be952a2921b2e4716d3b5190d5897510efcf9baa09649a1eaedf

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
468966
x-cache
HIT, HIT
status
200
x-cache-hits
48, 9
content-length
1257
x-via-fastly
Verdad
x-served-by
cache-sjc10051-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:18 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136186,VS0,VE0
etag
W/"3657-1587062838000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 21:47:54 GMT
jquery-ui-tools.js
www.pcworld.com/www.idgcsmb/js/jquery/
298 KB
72 KB
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/jquery/jquery-ui-tools.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3f6aa3b9a86115f8ce87c94ef4a28d3b3a535701a4d32571a121a37125ebd75a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
394582
x-cache
HIT, HIT
status
200
x-cache-hits
46, 11
content-length
73118
x-via-fastly
Verdad
x-served-by
cache-sjc10025-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:45:42 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136175,VS0,VE0
etag
W/"305323-1587062742000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Sat, 25 Apr 2020 18:27:40 GMT
thm_post.js
www.pcworld.com/www.idgcsmb/js/
3 KB
1 KB
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/thm_post.js?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
99b522b7529c433012cf38d770feaeb70851d71133384bd71ea3cdb27d51dade

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7267
x-cache
HIT, HIT
status
200
x-cache-hits
4, 2
content-length
1250
x-via-fastly
Verdad
x-served-by
cache-sjc10038-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:52:04 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136172,VS0,VE0
etag
W/"3401-1587671524000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:02:57 GMT
jquery.md5.js
www.pcworld.com/www.idgcsmb/js/jquery/plug-ins/
5 KB
2 KB
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/jquery/plug-ins/jquery.md5.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6ca3d81747291dea42fd556588fd0c18003ffaf042bce2fe9f4683f91164f201

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
470712
x-cache
HIT, HIT
status
200
x-cache-hits
147, 11
content-length
1902
x-via-fastly
Verdad
x-served-by
cache-sjc10043-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:45:44 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136160,VS0,VE0
etag
W/"5564-1587062744000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 21:18:28 GMT
jquery.colorbox-min.js
www.pcworld.com/www.idgcsmb/js/jquery/plug-ins/
11 KB
5 KB
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/jquery/plug-ins/jquery.colorbox-min.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
2e9b6db91ede2a0ffae7dcaeb2bd77945a104a95e32a44cc80caee919fe1cd20

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
117297
x-cache
HIT, HIT
status
200
x-cache-hits
34, 10
content-length
4633
x-via-fastly
Verdad
x-served-by
cache-sjc10047-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:27:54 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136139,VS0,VE0
etag
W/"11081-1587493674000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 28 Apr 2020 23:28:49 GMT
autocomplete.js
www.pcworld.com/www.idgcsmb/js/
986 B
652 B
Script
General
Full URL
https://www.pcworld.com/www.idgcsmb/js/autocomplete.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
fb35f8c9675722c4d1f3f0b65e6c324723e0f4e9c1d8d6b4f825f9c1d15b59a3

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
65673
x-cache
HIT, HIT
status
200
x-cache-hits
60, 11
content-length
478
x-via-fastly
Verdad
x-served-by
cache-sjc10044-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:27:42 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136137,VS0,VE0
etag
W/"986-1587493662000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 29 Apr 2020 13:49:26 GMT
jquery.tablesorter.min.js
www.pcworld.com/www.idge/js/jquery/
16 KB
5 KB
Script
General
Full URL
https://www.pcworld.com/www.idge/js/jquery/jquery.tablesorter.min.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
55e8d16bb1a291b0524928dd3bd20c191a14d8a947e4b141271f9c595c7bb451

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
18504
x-cache
HIT, HIT
status
200
x-cache-hits
27, 10
content-length
4792
x-via-fastly
Verdad
x-served-by
cache-sjc10050-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:28:52 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136105,VS0,VE0
etag
W/"16373-1587493732000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 16:55:39 GMT
liveRamp.js
www.pcworld.com/www/js/utils/
913 B
661 B
Script
General
Full URL
https://www.pcworld.com/www/js/utils/liveRamp.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7cffadca178c2346f349b255fe288be601a4890e3bde39f23a60d1f33c5386fe

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
468028
x-cache
HIT, HIT
status
200
x-cache-hits
227, 11
content-length
469
x-via-fastly
Verdad
x-served-by
cache-sjc10047-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:47:46 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136092,VS0,VE0
etag
W/"913-1587062866000-gzip"
vary
Accept-Encoding,Cookie
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Fri, 24 Apr 2020 22:03:09 GMT
subscribers.js
cdn.subscribers.com/assets/
37 KB
11 KB
Script
General
Full URL
https://cdn.subscribers.com/assets/subscribers.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6800:2:d151:aac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc1ee6100bce11eef9cc1f7dc9cdcae914fa7c5c125f0becff2c6f84bf594414

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 17:07:04 GMT
content-encoding
gzip
last-modified
Tue, 21 Apr 2020 17:01:15 GMT
server
AmazonS3
age
17838
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
veyNGbd0itt_tDq3ER2pCpk3S_V6ZdfzQEu9mwGTS7LG_lS-AoHnkg==
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
get_site_data
cmp.pcworld.com/
19 B
251 B
XHR
General
Full URL
https://cmp.pcworld.com/get_site_data?account_id=146&href=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&requestUUID=5d124b55-ce62-4ba0-887d-1598eae629ac-1587679444043
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-47-46.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
0be4e687e8b026eca636a2e41e9c11fdefcec1e1696d2f3553c0bad72bd6ed5d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
x-sp-mms-node
mms-aka.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.pcworld.com
cache-control
max-age=2592000
access-control-allow-credentials
true
get_site_data
cmp.pcworld.com/
19 B
251 B
XHR
General
Full URL
https://cmp.pcworld.com/get_site_data?requestUUID=e22ec3a9-cbda-416d-b016-0dfcbe7bd74e&account_id=146&href=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-47-46.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
0be4e687e8b026eca636a2e41e9c11fdefcec1e1696d2f3553c0bad72bd6ed5d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
x-sp-mms-node
mms-akv.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.pcworld.com
cache-control
max-age=2592000
access-control-allow-credentials
true
gpt.js
securepubads.g.doubleclick.net/tag/js/
42 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/ads/gpt_starter.js?1234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
d67513f0b036a0c8afc20ce34ac8fac82f40f9a6d196ba24b69a2ae70b0f051d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"495 / 768 of 1000 / last-modified: 1587667613"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14371
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:04 GMT
p.css
p.typekit.net/
5 B
168 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ehr0jod&ht=tk&f=24351.24352.24354.24355&a=25545821&app=typekit&e=css
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
last-modified
Thu, 07 Feb 2019 19:28:12 GMT
server
nginx
etag
"5c5c86cc-5"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
5
expires
Thu, 12 Sep 2019 08:25:52 GMT
inline-header.css
www.pcworld.com/www.idgcsmb/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/inline-header.css?v=20200423125416
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5037cd418ca2bff00f8215d2104c389074f932b1474e9925c916c57bc4b75a6e

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
7387
x-cache
HIT, HIT
status
200
x-cache-hits
12, 2
content-length
1378
x-via-fastly
Verdad
x-served-by
cache-sjc10033-SJC, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 19:49:00 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.117272,VS0,VE0
etag
W/"5634-1587671340000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 30 Apr 2020 20:00:56 GMT
print.css
www.pcworld.com/www.idgcsmb/css/
212 B
367 B
Stylesheet
General
Full URL
https://www.pcworld.com/www.idgcsmb/css/print.css
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
f274e373901cfedb5598343e280e971b80b7a6b7cf5ce64da2647fa08b46c870

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
370202
x-cache
HIT, HIT
status
200
x-cache-hits
114, 10
content-length
169
x-via-fastly
Verdad
x-served-by
cache-sjc10026-SJC, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 18:42:54 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.136073,VS0,VE0
etag
W/"212-1587062574000-gzip"
vary
Accept-Encoding,Cookie
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
max-age=604800
accept-ranges
bytes
expires
Sun, 26 Apr 2020 01:13:59 GMT
gtm.js
www.googletagmanager.com/
181 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c170785d0d0709612d3f7ce4c0509a4466433819c02d7c95a91ac4c25dec2d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
47895
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:04 GMT
f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
cdn.permutive.com/
976 KB
143 KB
Script
General
Full URL
https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a7da85e66b39ae1fc22786b9d3663f8b0b36cbd69882779ea385981ebfe43f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
br
cf-cache-status
HIT
age
31
x-guploader-uploadid
AAANsUmJo1MtTU9yNn_rHuMTiMexn0HR1ktGJ4ZVq3RajsOssXfOAao2ZI-unIk3rE78utAOsdpw9rbuQ2wFwjT48PqeSMdKaw
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-type
application/javascript
cf-request-id
024aaad5080000d4b4023a9200000001
last-modified
Thu, 23 Apr 2020 15:28:38 GMT
server
cloudflare
etag
W/"4aa50da03731b6bc690b5b821d978991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=/V149g==, md5=SqUNoDcxtrxpC1uCHZeJkQ==
x-goog-generation
1587655718648679
cache-control
public, max-age=300
x-goog-stored-content-length
184295
cf-ray
588ae0ce7ecfd4b4-BRU
expires
Thu, 23 Apr 2020 22:09:04 GMT
pcworld_logo-final.svg
csmb.staticworld.net/images/furniture/pcworld/
3 KB
3 KB
Image
General
Full URL
https://csmb.staticworld.net/images/furniture/pcworld/pcworld_logo-final.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e100e3cfe5199ae8b8daff8362685fd1ac424b7f4325f57200a0fbc2eecec6ee

Request headers

Referer
https://www.pcworld.com/www.idgcsmb.pcw/css/inline-header.css?v=20200423125416
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
qzqYV1kgZLrqz08O5b..aWqiBLs5jeb1
via
1.1 varnish, 1.1 varnish
etag
"fffe421e2c31b1920c2e9d7a625f3c14"
age
3087
x-cache
HIT, HIT
status
200
content-length
2918
x-amz-id-2
IItOzeTP4bGxvDSrTm5ovULt34XG8w44HHPPkhdsv2gwFyva3RNLLEdRKCFJz0yh5mFnwLbgzsw=
x-served-by
cache-lga21954-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:01:15 GMT
server
AmazonS3
x-timer
S1587679444.144178,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
9CA03821D70798BA
accept-ranges
bytes
content-type
image/svg+xml
x-cache-hits
2, 5
ss-standard.woff
www.pcworld.com/www.idgcsmb/webfonts/
26 KB
27 KB
Font
General
Full URL
https://www.pcworld.com/www.idgcsmb/webfonts/ss-standard.woff
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
d2aae940b6d023c99cbd656bbd0868f51bcf4a93455efef42cc95d8a4c7bceca

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/www.idgcsmb/css/inline-header-mobile.css?v=20200423125416
Origin
https://www.pcworld.com

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
14196
x-cache
HIT, HIT
status
200
content-length
27058
x-via-fastly
Verdad
x-served-by
cache-sjc10023-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:24:38 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.140840,VS0,VE0
etag
W/"27096-1587493478000-gzip"
vary
Accept-Encoding,Cookie
content-type
font/woff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
2, 9
top-shops
www.pcworld.com/saving-united/
5 KB
1 KB
Fetch
General
Full URL
https://www.pcworld.com/saving-united/top-shops
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
52a65f202bea1f6a3a6160fc21534d0fd0141c262c7d0b100f96e8d0f976de0b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
vary
Accept-Encoding,Cookie
age
3537
x-cache
HIT, HIT
status
200
content-length
1098
x-via-fastly
Verdad
x-served-by
cache-sjc10050-SJC, cache-hhn4059-HHN
server
Apache-Coyote/1.1
x-timer
S1587679444.145569,VS0,VE0
x-fastly-ttl
14400.000
content-type
text/html;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
x-fastly-stale
432000.000
x-cache-hits
11, 6
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/
43 B
319 B
XHR
General
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=3934
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.103.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-103-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e8e9b90a66e1741a5300ee65d6fab837aab5c3f0a32a523d85002ae53154c9c

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pcworld.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43
get_loaders
cmp.pcworld.com/mms/
546 B
780 B
XHR
General
Full URL
https://cmp.pcworld.com/mms/get_loaders?href=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&account_id=146&requestUUID=5d124b55-ce62-4ba0-887d-1598eae629ac-1587679444043
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-47-46.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
373e1b5b20dc644f44a4c3184d392d9e7eb64845c3e9f3433a31ff6424675253

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
x-sp-mms-node
mms-b2f.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.pcworld.com
cache-control
max-age=10800
access-control-allow-credentials
true
l
use.typekit.net/af/ef2129/00000000000000003b9b387c/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/ef2129/00000000000000003b9b387c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6d670e22647964b1b3663c0b34b6531a12a6f7d36dc232570af7d84b9458df0b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/ehr0jod.css
Origin
https://www.pcworld.com

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
server
nginx
etag
"e120da2743159d9bd5b6acbf951b869a1a6b1a4e"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18068
l
use.typekit.net/af/403911/00000000000000003b9b3880/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/403911/00000000000000003b9b3880/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
44ecdeeb04d9cb6de9d76ebc9f8ab716a7f6b2f08a01f179a462e008debfcb07

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/ehr0jod.css
Origin
https://www.pcworld.com

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
server
nginx
etag
"112e33239582b68be657159b85f4e16e5ce72672"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18000
l
use.typekit.net/af/7557c8/00000000000000003b9b3878/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/7557c8/00000000000000003b9b3878/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
85277adb60d0772c6a0f026ad88974c96cad412f065585082a02b41dbc956eec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://use.typekit.net/ehr0jod.css
Origin
https://www.pcworld.com

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
server
nginx
etag
"ddcb07b098fbef019f85ea346c0eb55f93447289"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
17020
ss-social-circle.woff
www.pcworld.com/www.idgcsmb/webfonts/
14 KB
15 KB
Font
General
Full URL
https://www.pcworld.com/www.idgcsmb/webfonts/ss-social-circle.woff
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b402bc64327a0461e1a09527c7f0401d29d808278d9fc65554628a2830956203

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/www.idgcsmb/css/inline-header-mobile.css?v=20200423125416
Origin
https://www.pcworld.com

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
8222
x-cache
HIT, HIT
status
200
content-length
14782
x-via-fastly
Verdad
x-served-by
cache-sjc10048-SJC, cache-hhn4059-HHN
last-modified
Tue, 21 Apr 2020 18:24:38 GMT
server
Apache-Coyote/1.1
x-timer
S1587679444.165729,VS0,VE0
etag
W/"14796-1587493478000-gzip"
vary
Accept-Encoding,Cookie
content-type
font/woff
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
x-cache-hits
11, 8
message_url
cmp.pcworld.com/mms/v2/
0
889 B
XHR
General
Full URL
https://cmp.pcworld.com/mms/v2/message_url?requestUUID=e22ec3a9-cbda-416d-b016-0dfcbe7bd74e&account_id=146&abp=false&href=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&consentUUID=null&loadedData=%5B%7B%22id%22%3A%22CONSENT%3Aendpoint%3Ahttps%3A%2F%2Fccpa-service.sp-prod.net%3A3934%22%2C%22result%22%3A%22%7B%5C%22hasConsentData%5C%22%3Afalse%2C%5C%22consentedToAny%5C%22%3Afalse%2C%5C%22rejectedAny%5C%22%3Afalse%2C%5C%22consentedToAll%5C%22%3Afalse%7D%22%7D%5D&stage_campaign=false&cookie=%5B%5D
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-47-46.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:04 GMT
x-sp-mms-node
mms-av6.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.pcworld.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
content-length
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
outbrain.js
widgets.outbrain.com/
131 KB
44 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c28f89ce6de3bdbb63e6e18f11fd7fa811d498688fe29f932bb8ecbe6e87053

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 07:53:16 GMT
status
200
etag
W/"20d51-7Lr15sRHVxHqQ0fVlqMaR4QgRF0"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
timing-allow-origin
*
content-length
44643
expires
Fri, 24 Apr 2020 02:04:04 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/
299 KB
121 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 04:05:48 GMT
server
sffe
age
277505
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
124243
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:58:59 GMT
nav-elements_sprite.png
csmb.staticworld.net/images/furniture/techhive/
4 KB
4 KB
Image
General
Full URL
https://csmb.staticworld.net/images/furniture/techhive/nav-elements_sprite.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc3b33190a6b7e747940c7f383e80038cd4bea05b1e8e0e6b4258bcf94ed5cd

Request headers

Referer
https://www.pcworld.com/www.idgcsmb/css/global-layout.css?v=20200423125416
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
aCvRWF9oirmFRhpl_HavfOPum5NSu6D8
via
1.1 varnish, 1.1 varnish
etag
"34e855577712465697e730cf4b27ddb3"
age
1698244
x-cache
HIT, HIT
status
200
content-length
3663
x-amz-id-2
VcPq9JdEKoZkYZ6juLzOmrMvHpw51/z/QCa58RKTEAp1zY2kZi3EU+wedtNYGmVftx33SvRzhHM=
x-served-by
cache-jfk8127-JFK, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:01:19 GMT
server
AmazonS3
x-timer
S1587679444.286463,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
57FA8A1F03D0E154
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 71
tso
www.pcworld.com/ads/
229 B
445 B
XHR
General
Full URL
https://www.pcworld.com/ads/tso?localeId=0
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e69e091f9f1171b2379dd92aeff8a226352b27e7a76ff1e8db7056770f30a531

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
vary
Accept-Encoding,Cookie
age
11333
x-cache
HIT, HIT
status
200
content-length
220
x-via-fastly
Verdad
x-served-by
cache-sjc10037-SJC, cache-hhn4059-HHN
server
Apache-Coyote/1.1
x-timer
S1587679444.302845,VS0,VE0
x-fastly-ttl
14400.000
content-type
application/json;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
x-fastly-stale
432000.000
x-cache-hits
4, 5
tile
www.pcworld.com/napi/
3 KB
874 B
XHR
General
Full URL
https://www.pcworld.com/napi/tile?def=listItemList&genericIfCategoryEmpty=true&includeArticles=true&pageSize=4&queryKey=BestTechDeals&typeId=16&wrapperElement=ul&itemTemplate=%2Fwww.idge%2F_shared%2Fcomponents%2Fmodules%2Fitem%2Frelated-articles.jsp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
39ad44c226bb05409a2d07bce0632db9df7d808becd6bba7a438b5a6dc0d6c62

Request headers

Accept
*/*
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
5892
x-served-by
cache-sjc10049-SJC, cache-hhn4059-HHN
vary
Accept-Encoding,Cookie
x-cache
HIT, HIT
content-type
text/html;charset=UTF-8
status
200
accept-ranges
bytes
x-timer
S1587679444.312882,VS0,VE0
content-length
755
via
1.1 varnish, 1.1 varnish
x-via-fastly
Verdad
x-cache-hits
22, 8
tile
www.pcworld.com/napi/
3 KB
742 B
XHR
General
Full URL
https://www.pcworld.com/napi/tile?def=listItemList&genericIfCategoryEmpty=true&includeArticles=true&pageSize=4&queryKey=TechconnectDeals&brandOwnerOnly=true&brandOwner=4194304&wrapperElement=ul&itemTemplate=%2Fwww.idge%2F_shared%2Fcomponents%2Fmodules%2Fitem%2Frelated-articles.jsp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
538d417f7a723df17237e4a83e532b7f86d4411282693983f614f20085f0e0c5

Request headers

Accept
*/*
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
2730
x-served-by
cache-sjc10027-SJC, cache-hhn4059-HHN
vary
Accept-Encoding,Cookie
x-cache
HIT, HIT
content-type
text/html;charset=UTF-8
status
200
accept-ranges
bytes
x-timer
S1587679444.312933,VS0,VE0
content-length
628
via
1.1 varnish, 1.1 varnish
x-via-fastly
Verdad
x-cache-hits
6, 6
network
www.pcworld.com/
1 KB
625 B
XHR
General
Full URL
https://www.pcworld.com/network
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e5574325672fa8c35bad6d935af2c906a120a2a177ad835302c76c72d063e969

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
vary
Accept-Encoding,Cookie
age
16362
x-cache
HIT, HIT
status
200
content-length
521
x-via-fastly
Verdad
x-served-by
cache-sjc10024-SJC, cache-hhn4059-HHN
server
Apache-Coyote/1.1
x-timer
S1587679444.318800,VS0,VE0
x-fastly-ttl
14400.000
content-type
text/html;charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
x-fastly-stale
432000.000
x-cache-hits
33, 6
overlay.png
csmb.staticworld.net/images/furniture/colorbox/
182 B
582 B
Image
General
Full URL
https://csmb.staticworld.net/images/furniture/colorbox/overlay.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab2ef76dffeae79cf8924b6e69368c855af10f35510888e098143971b3a62ed1

Request headers

Referer
https://www.pcworld.com/www.idgcsmb/css/colorbox.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
TT_5UbbDpH2omSAZT1PV6VFVXEHsFcjm
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"790376e15a036959e358a19d4a7ea437"
age
510683
x-cache
HIT, HIT, HIT
status
200
content-length
182
x-amz-id-2
OFNHmExz6yJa2PP8jLBPY5q2os70k1ticvCRMjGYWERB0WHXnu1Ra7sWjpoTEpTQxHh4WWRkxok=
x-served-by
cache-jfk8148-JFK, cache-lga21978-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:01:13 GMT
server
AmazonS3
x-timer
S1587679444.321276,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
5E71F6BD57BDACE8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
3, 18, 1
logic
sourcepoint.mgr.consensu.org/consent/v2/3934/
1 KB
2 KB
XHR
General
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/3934/logic?withSiteActions=true&consentUUID=[CONSENT_UUID]&euconsent=[EUCONSENT]&mmsDomain=cmp.pcworld.com&hasConsentData&consentedToAny&consentedToAll&shortCircuitDetection&requestUUID=5d124b55-ce62-4ba0-887d-1598eae629ac-1587679444043
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.103.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-103-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de71752b9da39752192f15c8153ca0c81a2f327c4afc65161709731eda8571c3

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pcworld.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
1458
display-dns
ccpa-service.sp-prod.net/ccpa/consent/3934/
2 KB
3 KB
XHR
General
Full URL
https://ccpa-service.sp-prod.net/ccpa/consent/3934/display-dns?requestUUID=e22ec3a9-cbda-416d-b016-0dfcbe7bd74e
Requested by
Host: ccpa.sp-prod.net
URL: https://ccpa.sp-prod.net/ccpa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.232.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-232-56.compute-1.amazonaws.com
Software
/
Resource Hash
cd97b51977edf7d5651d3fd14e85d8be5a6417323a5fd3de658f42df2d0a6106

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pcworld.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
2477
integrator.js
adservice.google.nl/adsid/
109 B
839 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.pcworld.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pcworld.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020042001.js
securepubads.g.doubleclick.net/gpt/
171 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 20:16:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
64174
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:04 GMT
iphone-xs-max-iphone-8-plus-100775541-small.3x2.jpg
images.idgesg.net/images/article/2018/10/
6 KB
6 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2018/10/iphone-xs-max-iphone-8-plus-100775541-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12f049028f53201e403ee1f8d8f57a243f752a68d22f5f09f026c6ed373c2447

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
dn7DVeY_QUi_BBDMv8qPVvKBVyAH9ZDZ
via
1.1 varnish, 1.1 varnish
etag
"7d3a7241b0b53b9d44b277c7709fa01e"
age
18730
x-cache
HIT, HIT
status
200
content-length
5767
x-amz-id-2
FifxsF7MUgW8SfcdzAv5vS6fxIhq00MsnwcISYUZwLwfpMU46rGrFeZ+tdvvk1f3BYiciw4WEKQ=
x-served-by
cache-lga21965-LGA, cache-hhn4059-HHN
last-modified
Thu, 04 Oct 2018 22:36:54 GMT
server
AmazonS3
x-timer
S1587679444.396090,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
96F4A60D88DE5A9A
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 6
seagate-backup-plus-2tb-100839556-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
1 KB
2 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/seagate-backup-plus-2tb-100839556-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
289892281b48ca17404d864d2dbb41a4ee40eb6743ca429371b90ba5c357597a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
BLtpmXGb7OHXCXunHUt6.ZOqNZEuuRw1
via
1.1 varnish, 1.1 varnish
etag
"8c106a1fc541d279dacfe887963c7b5a"
age
18730
x-cache
HIT, HIT
status
200
content-length
1263
x-amz-id-2
nOAFRLIzXjIyQ02ltt2F98q/XCILdRcg6MzWMHRul8q05StT0YmlA0mHI6zdsk8bJSWnOf4NcgM=
x-served-by
cache-lga21938-LGA, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 15:50:27 GMT
server
AmazonS3
x-timer
S1587679444.396156,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
0DBC5C105D3E6A98
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 6
ipadpro-100839545-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
4 KB
4 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/ipadpro-100839545-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f268d5ee7df294c975d8e6825c32be94978c451dfb3ae01b05bf132e65e9c93f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
FMhQKxxCd_Irb2LNb3Sp_gqIdKiQS3Vi
via
1.1 varnish, 1.1 varnish
etag
"7b651b8527b739e225e1f35661502fae"
age
21127
x-cache
HIT, HIT
status
200
content-length
3941
x-amz-id-2
foCwUGPOAu+KkkULXdpUs/4GnokKH44V10HgJgLnmG7l/S6XpimNSRzrBusKnKoIzXkiAhuPFzE=
x-served-by
cache-lga21921-LGA, cache-hhn4059-HHN
last-modified
Thu, 23 Apr 2020 14:11:28 GMT
server
AmazonS3
x-timer
S1587679444.396183,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
CCF7EA1B602BB7CB
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
3, 6
g402hyperionfury-100815558-small.3x2.jpg
images.idgesg.net/images/article/2019/10/
3 KB
3 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2019/10/g402hyperionfury-100815558-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2270d902c0076b7e4cb64998828f77298b5dad9b2eba1505cff01d4902c33a26

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
PxQcUtrDDotMN3lCZkrMtODj.0g4JtK7
via
1.1 varnish, 1.1 varnish
etag
"b0adfc88e7f1d8ecec5857d0a16489f8"
age
22902
x-cache
HIT, HIT
status
200
content-length
2736
x-amz-id-2
KLXhn3sIMNGuj7PPfU87VbkU1i7gUVNc+22MokVLQfpuyXgXh0byWFaQ4EImgv5Ppin3KgAJYbw=
x-served-by
cache-lga21951-LGA, cache-hhn4059-HHN
last-modified
Fri, 25 Oct 2019 13:52:05 GMT
server
AmazonS3
x-timer
S1587679444.396118,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
288FDEB16C1AC197
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
2, 3
sale_27578_primary_image_wide-100839434-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
9 KB
9 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/sale_27578_primary_image_wide-100839434-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abf6a1c57f968570bebfe1913e419589d42f899b40799bc5d8509b773c89d569

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
jf.FySA6Q1MaAZ5vm7w0U0g8NveHyKtH
via
1.1 varnish, 1.1 varnish
etag
"5f066e555cae2b7feb7c56835d0ecd2b"
age
20923
x-cache
HIT, HIT
status
200
content-length
9249
x-amz-id-2
pgOw9qZw4Clkcuv5c3MLmyidURF2RhwTtH1RyZg4I700eXyjWx9UZ71511neAXW9gDHQ0pivvRs=
x-served-by
cache-lga21977-LGA, cache-hhn4059-HHN
last-modified
Wed, 22 Apr 2020 13:43:35 GMT
server
AmazonS3
x-timer
S1587679444.396151,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
C05212C56889B225
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 26
sale_26133_primary_image_wide-1-100839432-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
7 KB
7 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/sale_26133_primary_image_wide-1-100839432-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc272f580cca5b696c2f47222e52f0423140e05140f88c213cb1e51972a5c9fb

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
1d4JgfewOhbpFIWmUjn317hv3RSsVUb6
via
1.1 varnish, 1.1 varnish
etag
"7c3e16cbdf1081d4b923d971f4e95b13"
age
24325
x-cache
HIT, HIT
status
200
content-length
7088
x-amz-id-2
5Fk/pNswd6sOUfFHkbF5W7utXj2Z4OXN2LY9WQFAiu7SHNxNJV8Zd7fl95tqFW8WoRBAFfR+pY0=
x-served-by
cache-lga21943-LGA, cache-hhn4059-HHN
last-modified
Wed, 22 Apr 2020 13:31:57 GMT
server
AmazonS3
x-timer
S1587679444.396140,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
4FE44717344CED1F
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 27
sale_22404_primary_image_wide-100839426-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
7 KB
7 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/sale_22404_primary_image_wide-100839426-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
202190afcb483c57aaf053be5b197ce0a0b9543c468037154dd4fade151f13c7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
xyMe8QOVKiE5oEGeOKIQDGBJBK2a6CqJ
via
1.1 varnish, 1.1 varnish
etag
"7dba03410d0a1e1b2bc904f7a2ed095c"
age
22528
x-cache
HIT, HIT
status
200
content-length
6882
x-amz-id-2
ZiipVXLeNg+MBviAnUf9SK64hpl82tX5xq//VdLyXLaJeh+UDPUoV5pn9miIXjWht6JCBMJg1dk=
x-served-by
cache-lga21972-LGA, cache-hhn4059-HHN
last-modified
Wed, 22 Apr 2020 12:57:48 GMT
server
AmazonS3
x-timer
S1587679444.402866,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
058059FD29386930
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 27
gearlight-100838866-small.3x2.jpg
images.idgesg.net/images/article/2020/04/
3 KB
4 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2020/04/gearlight-100838866-small.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d8759af37bfd3ec562b123ddd2d1e04d063eaf8d9cf18f6ee395ee1beaa59c5

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
AB0E5r3h0ErQYO3dPxGNoZibCm2A68JR
via
1.1 varnish, 1.1 varnish
etag
"53ab3fdc61caf8d6c10dc35ff8ef9c74"
age
621693
x-cache
HIT, HIT
status
200
content-length
3558
x-amz-id-2
s6bH1mgpBXlBuBw1CVPF079nQlL/ZEeyPo59c3nglM19Now/yZ3wOiS5KaGysGX3dOUQXA+fQHU=
x-served-by
cache-lga21980-LGA, cache-hhn4059-HHN
last-modified
Thu, 16 Apr 2020 16:21:59 GMT
server
AmazonS3
x-timer
S1587679444.426638,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
D378811B36515760
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 3
apple-tv-plus-hero-100792081-medium.3x2.jpg
images.idgesg.net/images/article/2019/03/
5 KB
6 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2019/03/apple-tv-plus-hero-100792081-medium.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b57be03e4acc549fb6df3904fee027141b6964ea20e021bce329483a79492f0d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
O5JS_FuUXZvszR62ynZhM2yZmll2axz0
via
1.1 varnish, 1.1 varnish
etag
"98a17d2e44e08e3e41a18abc1eb79702"
age
2445531
x-cache
HIT, HIT
status
200
content-length
5464
x-amz-id-2
gO5e7OWGF3z8ABjv2Dh/qlrWXK8t72SBcPLppYDyGFBiaocVcqYqpvPbw/BHJq0NdSpXz2oi6DI=
x-served-by
cache-jfk8146-JFK, cache-hhn4059-HHN
last-modified
Wed, 27 Mar 2019 17:15:23 GMT
server
AmazonS3
x-timer
S1587679444.426662,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
5F61ECE980B461C9
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 3
gettyimages-91745410-100771856-medium.3x2.jpg
images.idgesg.net/images/article/2018/09/
9 KB
10 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2018/09/gettyimages-91745410-100771856-medium.3x2.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df0894bd40dae58dae94ead8d27bd0da42b346bdb000030142a620089f43f52f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
UH61_Fe452Y.iKVtVBjmEk9_IiBC6EH6
via
1.1 varnish, 1.1 varnish
etag
"d21cd5a9fae6ea560aee5b487255e0de"
age
120234
x-cache
HIT, HIT
status
200
content-length
9469
x-amz-id-2
+MuBgMoqN+gUJzgmQF8SyYxUvuQd/J88b5SYy9Iv7x2iW7RuV5Iqn40giG64fO1t1B5Z6r8yuQA=
x-served-by
cache-lga21965-LGA, cache-hhn4059-HHN
last-modified
Wed, 12 Sep 2018 22:47:26 GMT
server
AmazonS3
x-timer
S1587679444.426624,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
76B32DA4E95414ED
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 7
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
85067
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19183-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1587679445.714643,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes

Redirect headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Apr 2020 22:04:04 GMT
Server
ECS (fcn/418C)
Content-Length
0
Location
https://static.ads-twitter.com/oct.js
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
gtm.js
www.googletagmanager.com/
113 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7239P&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec76008643303d55f290bc235136d8c86e9c492ef6e17c291c538c9c6398f06f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
34907
x-xss-protection
0
last-modified
Thu, 23 Apr 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Apr 2020 22:04:04 GMT
api.js
w.soundcloud.com/player/
5 KB
3 KB
Script
General
Full URL
https://w.soundcloud.com/player/api.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-44.fra2.r.cloudfront.net
Software
am/2 /
Resource Hash
78d83d68ccf7a24aca085486bfc291760424279b6f5308092af4fe600b9d1e19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:00:15 GMT
Via
sssr, 1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
Vary
Accept-Encoding
Age
229
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
Connection
keep-alive
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 09:40:13 GMT
Server
am/2
ETag
W/"1298-350155148"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
obo0LZ-coy5ZaMpgAu31M5X0r0fPuRH6ZiM75OjFPfe_a8yrpFD97w==
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1530
date
Thu, 23 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 23 Apr 2020 23:38:34 GMT
macworld-csmb-footer.png
csmb.staticworld.net/images/furniture/macworld/
3 KB
3 KB
Image
General
Full URL
https://csmb.staticworld.net/images/furniture/macworld/macworld-csmb-footer.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aef82825aeae31cac3837ddc620f97cfd5458f9ebaa70dfa71b3a07ab1050474

Request headers

Referer
https://www.pcworld.com/www.idgcsmb/css/footer.css?v=20200423125416
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
1pBjwTGWGoXxHg_AL9qZA_ljh3dG.hs9
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"ae5badd64ae92d85c9f8969bc06c2789"
age
1782439
x-cache
HIT, HIT, HIT
status
200
content-length
2857
x-amz-id-2
LR5vybfqFhDto/S2X+xcxEAkkelxa9RKtdSETBjWSUsWV0jxyBSGDbw7oefZNCIzOIe1cWCd7Jc=
x-served-by
cache-jfk8130-JFK, cache-lga21949-LGA, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:01:13 GMT
server
AmazonS3
x-timer
S1587679445.555199,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
26EBECE73E3BE3C3
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
2, 5, 3
techhive-csmb-footer.png
csmb.staticworld.net/images/furniture/techhive/
3 KB
4 KB
Image
General
Full URL
https://csmb.staticworld.net/images/furniture/techhive/techhive-csmb-footer.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/jquery/jquery-1.10.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
382bfda3859c621547c8d56bd7eebe93afc88df5fd876d356ac090bb95543123

Request headers

Referer
https://www.pcworld.com/www.idgcsmb/css/footer.css?v=20200423125416
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MRtNdsxGw3Ofwy3QSXJkNCOT4owwIB0k
via
1.1 varnish, 1.1 varnish
etag
"7499015bd9071bc3b820207936cc096d"
age
500570
x-cache
HIT, HIT
status
200
content-length
3319
x-amz-id-2
NVNv6p6JEgjvDC1odOkM1i2ybdkYBZFcr39q/PkinCWd/S+pRPNVkU1jO/vB15ZMk3AebfI6CU0=
x-served-by
cache-jfk8133-JFK, cache-hhn4059-HHN
last-modified
Tue, 27 Mar 2018 00:01:20 GMT
server
AmazonS3
x-timer
S1587679445.555278,VS0,VS0,VE0
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
AAF5529C772108EB
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/png
x-cache-hits
5, 7
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 807E
0
0
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1587476499.350133"
last-modified
Tue, 21 Apr 2020 13:14:32 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Thu, 23 Apr 2020 22:04:04 GMT
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1587679444~rv=100~id=236ed8ce2b4d60a950ae660b82a485b1; path=/; Expires=Thu, 23 Apr 2020 22:04:04 GMT; Secure; SameSite=None
d3d3LnBjd29ybGQuY29t
tcheck.outbrainimg.com/tcheck/check/
16 B
477 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LnBjd29ybGQuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=35843
Date
Thu, 23 Apr 2020 22:04:04 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Fri, 24 Apr 2020 08:01:27 GMT
adcZVUsWVdmUWVbZldRXGUxaC8jdlNVVWFnYGZRW1YvIyYodlNUYi9YU15lV3ZkV1hXZGRXZC92ZVdlZVthYFFkV1hXZGRXZC92ZVdlZVthYFFfV2VlU1lXUVVhZ2BmLyJ2XGgvJH4ifiMjKyh2VVZVL2lbYFZhaX5RZWJRfl9lWX5RW2BmV2RgU15-VVZVI3ZaZF...
cmp.pcworld.com/
17 KB
18 KB
Script
General
Full URL
https://cmp.pcworld.com/adcZVUsWVdmUWVbZldRXGUxaC8jdlNVVWFnYGZRW1YvIyYodlNUYi9YU15lV3ZkV1hXZGRXZC92ZVdlZVthYFFkV1hXZGRXZC92ZVdlZVthYFFfV2VlU1lXUVVhZ2BmLyJ2XGgvJH4ifiMjKyh2VVZVL2lbYFZhaX5RZWJRfl9lWX5RW2BmV2RgU15-VVZVI3ZaZFdYL1pmZmJldSUzdSQ4dSQ4aWlpfmJVaWFkXlZ-VWFfdSQ4U2RmW1VeV3UkOCMoJCQmInUkOGZaV1FZWiJlZlFkU2ZRW2BRZlpXUV9TVVpbYFd-WmZfXnZVYWBlV2BmR0c7Ni8jVyQlV1hTI31XKyoofSYqJVR9VCopIn0pJlQlKilYJSImJ1d2ZFdjZ1dlZkdHOzYvJ1YjJCZUJyd9VVcoJH0mVFMifSoqKVZ9IycrKldTVygkK1NVfSMnKikoKSsmJiYiJiV2VWFhXVtXL3UnNHUkJFFlYlFXYFNUXldRVlhiUWJXZGVhYFNeW2xXVlFTVmV1JTZYU15lV3UlNHUkJHUnNnZeYVNWV1Y2U2ZTL3UnNHUpNHUkJFtWdSQkdSUzdSQkNUFARTdARnUlM1dgVmJhW2BmdSUzWmZmYmV1JTN1JDh1JDhlYWdkVVdiYVtgZn5fWWR-VWFgZVdgZWd-YWRZdSUzJSslJnUkJHUkNXUkJGRXZWdeZnUkJHUlM3UkJHUpNHUnNXUkJFpTZTVhYGVXYGY2U2ZTdSc1dSQkdSUzWFNeZVd1JDV1JzV1JCRVYWBlV2BmV1ZGYTNga3UnNXUkJHUlM2BnXl51JDV1JzV1JCRVYWBlV2BmV1ZGYTNeXnUnNXUkJHUlM2BnXl51JDV1JzV1JCRlWmFkZjVbZFVnW2Y2V2ZXVWZbYWB1JzV1JCR1JTNYU15lV3UkNXUnNXUkJFVhYGVXYGZHRzs2dSc1dSQkdSUzdSc1dSQkI1ckJVdYUyN9VysqKH0mKiVUfVQqKSJ9KSZUJSopWCUiJidXdSc1dSQkdSk2dSQkdSk2dSc2
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-47-46.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
34c78154ac348b702e1cde8e5d432668b6afa3f93f639aa15856a05d527f3458

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:04 GMT
x-sp-mms-node
mms-aka.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/javascript
status
200
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
expires
Sat, 15 Nov 2008 16:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
934 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 21:34:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1745
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:34:59 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
183 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.pcworld.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/
3 B
112 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.pcworld.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
pub.531979.min.js
www.dwin2.com/
290 KB
108 KB
Script
General
Full URL
https://www.dwin2.com/pub.531979.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7239P&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
950701e4650043f514b6e59c2499415eea44888d8ccce9a96c08be8349e8a430

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
3503
x-cache
HIT, HIT
status
200
x-cache-hits
14, 3
content-length
110501
x-served-by
cache-lcy19236-LCY, cache-fra19128-FRA
last-modified
Thu, 23 Apr 2020 18:45:30 GMT
server
nginx
x-timer
S1587679445.767448,VS0,VE0
etag
"5ea1e24a-487d7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=3600
accept-ranges
bytes
expires
Thu, 23 Apr 2020 22:05:40 GMT
front.asp
k.intellitxt.com/intellitxt/
2 KB
1 KB
Script
General
Full URL
https://k.intellitxt.com/intellitxt/front.asp?ipid=88677
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7239P&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
42280bb8f1c1e9bdcde431402ff2fc3dd2494b0f5ba7b118cb4709d62a398f9e

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
the_gh0st_rat_in_the_machine.html
www.pcworld.com/article/162240/
Redirect Chain
  • https://www.pcworld.com/article/162240/
  • https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
64 KB
64 KB
Image
General
Full URL
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
75
x-served-by
cache-sjc10025-SJC, cache-hhn4059-HHN
vary
Accept-Encoding,Cookie
x-cache
MISS, HIT
content-type
text/html;charset=UTF-8
status
200
accept-ranges
bytes
x-timer
S1587679445.732587,VS0,VE0
content-length
33887
via
1.1 varnish, 1.1 varnish
x-via-fastly
Verdad
x-cache-hits
0, 2

Redirect headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
age
74
status
301
x-served-by
cache-sjc10049-SJC, cache-hhn4059-HHN
vary
Accept-Encoding,Cookie
x-cache
MISS, HIT
location
/article/162240/the_gh0st_rat_in_the_machine.html
accept-ranges
bytes
x-timer
S1587679445.708797,VS0,VE1
content-length
25
via
1.1 varnish, 1.1 varnish
x-via-fastly
Verdad
x-cache-hits
0, 1
5ba5e406e33cb603e01b1be0_close-icon.svg
uploads-ssl.webflow.com/57d30b6aa1924bb30d7ae290/
2 KB
1 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/57d30b6aa1924bb30d7ae290/5ba5e406e33cb603e01b1be0_close-icon.svg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/www/js/messaging.js?v=dec2019update
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-2.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ab172d1a6dab39d0b8efd61404468129ea0c23eaee414669b69276064dd3c11

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 23:07:13 GMT
content-encoding
gzip
last-modified
Sat, 22 Sep 2018 06:41:11 GMT
server
AmazonS3
age
1205812
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
YCr6y.ejPXZjFF6Y_IHXAbhJqsw3Y8no
status
200
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
FRA2-C2
content-type
image/svg+xml
x-amz-cf-id
8g40dKaY4cx70_WI5dyEI4sNkDjoVHnQVNfPLIKjCWjlaFP73vk5MA==
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
pcworld-black-100800501-orig.jpg
images.idgesg.net/images/article/2019/06/
25 KB
25 KB
Image
General
Full URL
https://images.idgesg.net/images/article/2019/06/pcworld-black-100800501-orig.jpg
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.165 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16b202847dca025983e3ad10c7281b3079b4ce12217fe3a67f6468582653fba6

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
82J6vFCIytgvXjSmJqKTlcIN7pcqficA
via
1.1 varnish, 1.1 varnish, 1.1 varnish
etag
"547eb0ff9bbcecfdb43a3c70c6ab961b"
age
143386
x-cache
HIT, HIT, HIT
status
200
content-length
25222
x-amz-id-2
kLPImKY2kUjes/4WR7mKG16uD7w1a7jbeKMHpxYMcNkJOJip2lHxBv0GGukbfhVBhqiNmAkLICk=
x-served-by
cache-jfk8147-JFK, cache-lga21926-LGA, cache-hhn4059-HHN
last-modified
Thu, 27 Jun 2019 15:50:58 GMT
server
AmazonS3
x-timer
S1587679445.713324,VS0,VS0,VE1
date
Thu, 23 Apr 2020 22:04:04 GMT
x-amz-request-id
0EC2897F4519FB75
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
image/jpeg
x-cache-hits
1, 1, 1
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1587679444705&sessionId=923fa8fb-5eed-0c01-9fde-15106e9d64a7&url=www.pcworld.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:05 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
be6f5bfb8474186d47b253bf567e8e5b
Content-Length
4
Expires
0
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=367074771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&ul=en-us&de=UTF-8&dt=The%20Gh0st%20RAT%20in%20the%20Machine%20%7C%20PCWorld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAQC~&jid=71858707&gjid=604223339&cid=1781066029.1587679445&uid=&tid=UA-739745-1&_gid=370079147.1587679445&_r=1&gtm=2wg4f0WR6LD2P&cg1=web%20applications&cg2=news&cg3=Robert%20X.%20Cringely&cg4=article&cg5=us&cd1=false&cd2=&cd3=&cd4=&cd5=Thu%2C%2023%20Apr%202020%2022%3A04%3A04%20GMT&cd6=Thu%2C%2023%20Apr%202020%2022%3A04%3A04%20GMT&cd7=0&cd8=1&cd9=production&cd10=pcworld&cd11=US&cd12=consumer&cd13=&cd14=&cd15=Web&cd16=&cd17=web%20applications&cd18=3959&cd19=web%20applications%2C%20security%2C%20hacking&cd20=3959%2C2206%2C3858&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=news&cd27=162240&cd28=article&cd29=Robert%20X.%20Cringely&cd30=infoworld&cd31=false&cd32=&cd33=&cd34=&cd35=&cd36=&cd37=false&cd38=1&cd39=&cd40=&cd41=4042&cd42=4042&cd43=&cd44=false&cd45=&cd46=false&cd47=&cd48=&cd49=&cd50=&cd51=&cd52=&cd53=1059&cd54=1059%2C%20941%2C%20951&cd55=&cd56=&cd58=&cd59=&cd60=&cd79=us&cd80=&cd81=false&cd82=false&cd84=&cd104=false&z=2062739438
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
jadserve.postrelease.com/
5 KB
2 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
02b017b9b37161fe4442f83ec94c59c34fa3a0108a8ebfee7871c3a7bc458674

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1315
expires
Mon, 1 Jan 1990 12:00:00 GMT
111346X1569483.skimlinks.js
s.skimresources.com/js/
42 KB
16 KB
Script
General
Full URL
https://s.skimresources.com/js/111346X1569483.skimlinks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WR6LD2P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b65dde4c9354b696887b7ec8d52c2a723491c0327a34d4b6c922e15619dbcca2

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 10:26:56 GMT
server
AmazonS3
x-amz-request-id
B8E86F77D0603C3A
etag
"c2dff960535bbe24981ebd82a2764c02"
x-hw
1587679444.cds151.am5.hn,1587679444.cds085.am5.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
15960
x-amz-id-2
nZ2ucXr4y8roQq5kK1IPIkW9HZrs3sPJUQT/TzWYkRnnLjDf+EFknmTGC88WwnOxWjPko90IpKM=
robots.txt
t.skimresources.com/api/v2/ Frame 6DBA
0
105 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.08063051724409576
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
206
date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/
43 B
247 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=1.4581476380119387
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
px.gif
p.skimresources.com/
43 B
105 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=1.4581476380119387
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
85068
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19183-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1587679445.844358,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
front.asp
k.intellitxt.com/intellitxt/
2 KB
1 KB
Script
General
Full URL
https://k.intellitxt.com/intellitxt/front.asp?ipid=93398
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
5b515ef46ed7043e31bcc5bbfdee7ad82c3e3e794b5c01ee8810f850a9649665

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/
  • https://r.skimresources.com/api/?xguid=01E6MH3FXFYMAZ2YXBG7WVC40Q&persistence=1&checksum=b96270991b70c744f6e448488710ab73c28e28fec1c5106312797cc27bbd8555
179 B
514 B
XHR
General
Full URL
https://r.skimresources.com/api/?xguid=01E6MH3FXFYMAZ2YXBG7WVC40Q&persistence=1&checksum=b96270991b70c744f6e448488710ab73c28e28fec1c5106312797cc27bbd8555
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
6f1e5a59314dbb7c2c0dc22b03f7f2bae75ea8f2c918e0e147388ce6c95881fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
status
200
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
application/json
alt-svc
clear
via
1.1 google

Redirect headers

date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
server
openresty/1.11.2.5
status
307
location
https://r.skimresources.com/api/?xguid=01E6MH3FXFYMAZ2YXBG7WVC40Q&persistence=1&checksum=b96270991b70c744f6e448488710ab73c28e28fec1c5106312797cc27bbd8555
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-type
text/html
alt-svc
clear
content-length
193
init.js
www.dwin2.com/
5 KB
2 KB
Script
General
Full URL
https://www.dwin2.com/init.js?t=1587679444851
Requested by
Host: www.dwin2.com
URL: https://www.dwin2.com/pub.531979.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87984f28651235e9881bd0e87607da59e5ad53f28e59b63cda6e36862992239b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
age
400
x-cache
HIT, HIT
status
200
x-cache-hits
1, 86
content-length
2258
x-served-by
cache-lcy19238-LCY, cache-fra19128-FRA
last-modified
Thu, 23 Apr 2020 21:56:25 GMT
server
nginx
x-timer
S1587679445.875669,VS0,VE0
etag
"5ea20f09-1241"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=3600
accept-ranges
bytes
expires
Thu, 23 Apr 2020 22:56:25 GMT
publishertag.js
static.criteo.net/js/ld/
98 KB
30 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-214854100715128.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 10:35:37 GMT
server
nginx
etag
W/"5e81cb79-1867d"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 24 Apr 2020 22:04:04 GMT
rid
match.adsrvr.org/track/
109 B
542 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187051
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183980-214854100715128.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.6.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-6-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
667debbaedd83bca646fd0699c0c124d837823404ed930ab4e6eb457dcb41cc7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Apr 2020 22:04:04 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.pcworld.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 23 May 2020 22:04:04 GMT
iab
api.skimlinks.mgr.consensu.org/
772 B
637 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab?nocache=1587679444955
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/111346X1569483.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.0
access-control-allow-headers
*
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
page
t.skimresources.com/api/v2/
22 B
343 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/111346X1569483.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.pcworld.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/
22 B
91 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/111346X1569483.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:04 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.pcworld.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
/
k.intellitxt.com/go/1/
5 KB
3 KB
Script
General
Full URL
https://k.intellitxt.com/go/1/?ipid=88677&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=88677
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
ca1ee60603dcacd0f1bbb6b6c77db0b8fb5971a6f9ed213a7a81afa5e4827a0a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
ttj
ib.3lift.com/
4 KB
2 KB
Script
General
Full URL
https://ib.3lift.com/ttj?inv_code=tan_PCWorld_MOAP
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-125.fra2.r.cloudfront.net
Software
/
Resource Hash
e90fb2e3df0d3c57d21793164d01be1e0064baddec3e62708925e64fe40f756b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 21:57:34 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
443
ETag
"2319eec1a221ecb3e98932466fa4444f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
FRA2-C2
Content-Length
1977
X-Amz-Cf-Id
Ki479eVK0NRHL6ftGjYRaqujBLqOWiWsDYKa_afRAN23o_iQELrw5w==
gpt.js
www.googletagservices.com/tag/js/ Frame B3E5
42 KB
14 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2615f7baf05472622e67a05639e9980aa79f9bcb3466b03040602856842ef7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"495 / 258 of 1000 / last-modified: 1587667613"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14370
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:05 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=daf9ef61-90c3-4e59-89e8-eb0966edb699&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=303,302&ntv_a=AAAAAAAAAAaQIMA&ord=1587679445134&ntv_dpl=1009,1011,1001,1050,1003,1019,1007&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=daf9ef61-90c3-4e59-89e8-eb0966edb699&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=806&ntv_a=AAAAAAAAAAaQIMA&ntv_sat=5&ord=1587679445137&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=13313e9a-5f46-418b-a7fa-392e70964df9&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=303&ntv_a=AAAAAAAAAA_3gQA&ord=1587679445138&ntv_dpl=1009,1011,1001,1050,1003,1019,1007&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=13313e9a-5f46-418b-a7fa-392e70964df9&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=806&ntv_a=AAAAAAAAAAaQIMA&ntv_sat=14&ord=1587679445141&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=13313e9a-5f46-418b-a7fa-392e70964df9&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=807&ntv_a=AAAAAAAAAAaQIMA&ntv_sat=14&ntv_v=0&ord=1587679445142&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=13313e9a-5f46-418b-a7fa-392e70964df9&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=807&ntv_a=AAAAAAAAAA_3gQA&ntv_sat=14&ntv_v=0&ord=1587679445142&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
pubads_impl_2020042001.js
securepubads.g.doubleclick.net/gpt/ Frame B3E5
171 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 20:16:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
64174
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:05 GMT
integrator.sync.js
adservice.google.de/adsid/ Frame B3E5
113 B
178 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.pcworld.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
108
x-xss-protection
0
get
odb.outbrain.com/utils/
35 KB
13 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&idx=0&version=1050195&apv=false&sig=XUWhzdTn&format=html&va=true&et=true&rand=42369&pdobuid=-1&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&cmpStat=1&ccpa=1YNN&ccpaStat=1&ref=&px=315&py=2746&vpd=1546
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a306acdabf2c261b44d36cbf95365978dec91dd520f5f4023cdf31791c484ea3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
CHIDC2, MDW, HHN, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
4040d7689c3aac821129184d114db86a
content-length
12807
x-served-by
cache-mdw17347-MDW, cache-hhn4034-HHN
pragma
no-cache
x-timer
S1587679445.228305,VS0,VE234
date
Thu, 23 Apr 2020 22:04:05 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.47
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
k.intellitxt.com/go/1/
4 KB
3 KB
Script
General
Full URL
https://k.intellitxt.com/go/1/?ipid=93398&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93398
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
17b7beee00ab0ed90dbb8dfce5c741a3beb67a0b66591a34e191ed0b7999a08f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
Kormorant
Vary
Accept-Encoding, *
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 08 Jan 2016 00:00:00 GMT
bundle.js
ib.3lift.com/rev/ace1b2dc493a069d0552475ab6ab0b4b9909008b/dist/
213 KB
68 KB
Script
General
Full URL
https://ib.3lift.com/rev/ace1b2dc493a069d0552475ab6ab0b4b9909008b/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=tan_PCWorld_MOAP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-125.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a926c1788a4fc0c0473078d3179ff2bb119664f174ced220d1acf2ab3efcfdf9

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 15:25:38 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Thu, 23 Apr 2020 15:25:34 GMT
Server
AmazonS3
Age
23908
ETag
"1b05236f8d1416ce435ac202b73f034c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000, immutable
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
68846
X-Amz-Cf-Id
NlFDRg4ulCq7pCdhGlR6sJvAWy7hF_eRLFrs-DgRfqtrddwCeBwRDw==
kormorant-1.31.13.min.js
images.intellitxt.com/k/
179 KB
179 KB
Script
General
Full URL
https://images.intellitxt.com/k/kormorant-1.31.13.min.js
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/go/1/?ipid=88677&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80eb7ac3e4dc7d02da1c15eb79982371eaaeb693b6487d2f8da7333b5f8d8a8f

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 10:28:57 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 12:59:30 GMT
server
AmazonS3
age
128109
etag
"197c547d9ea343f7cce172df0f815126"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
182793
x-amz-cf-id
DWNw8BjCPCKUm8P1n9yL-x1c-MJrYI6EsVJIMWxs7MPAFWIQ_9Bwig==
kormorant-1.31.13.min.css
images.intellitxt.com/k/
27 KB
27 KB
Stylesheet
General
Full URL
https://images.intellitxt.com/k/kormorant-1.31.13.min.css
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.13.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64bc55b4e0096204079dc0cd710f9b80918345c1c54bcbd4c5454815b057a3bb

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 10:28:57 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 12:59:29 GMT
server
AmazonS3
age
128109
etag
"76ab4afbed59d183838571013a845f03"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
27143
x-amz-cf-id
tDlPxftZvQx5N99S35JfKLRZAGUeVjeIbB4MM9LVwQR_BQRKePlLeA==
1
k.intellitxt.com/context/
257 B
801 B
Script
General
Full URL
https://k.intellitxt.com/context/1?callback=ctx_log_1&ipid=88677&contextKey=87bf4ad7960200ed82c863fc8e62122fa98bfcaa&pvu=3ad5d556-2790-42de-a145-10084801a8e9
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.13.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
8b2dce279cfc64e43142d5095ac0708575c37fe6ee6e733c03c30512c74bd94d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
Kormorant
Vary
*
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
undefined
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
257
ETag
W/"101-fGccn6KQDyMzQdsHyS984Nr9WhU"
Expires
Fri, 08 Jan 2016 00:00:00 GMT
aHR0cHM6Ly93d3cucGN3b3JsZC5jb20vYXJ0aWNsZS8xNjIyNDAvdGhlX2doMHN0X3JhdF9pbl90aGVfbWFjaGluZS5odG1s
k.intellitxt.com/log/0/ptr/87bf4ad7960200ed82c863fc8e62122fa98bfcaa/88677/3ad5d556-2790-42de-a145-10084801a8e9/
0
249 B
Image
General
Full URL
https://k.intellitxt.com/log/0/ptr/87bf4ad7960200ed82c863fc8e62122fa98bfcaa/88677/3ad5d556-2790-42de-a145-10084801a8e9/aHR0cHM6Ly93d3cucGN3b3JsZC5jb20vYXJ0aWNsZS8xNjIyNDAvdGhlX2doMHN0X3JhdF9pbl90aGVfbWFjaGluZS5odG1s
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
ETag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
Server
nginx
X-Powered-By
Express
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
1
k.intellitxt.com/ad/
72 B
739 B
Script
General
Full URL
https://k.intellitxt.com/ad/1?callback=vib_2&ipid=88677&pvu=3ad5d556-2790-42de-a145-10084801a8e9&kw=&audiences=&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&contextKey=87bf4ad7960200ed82c863fc8e62122fa98bfcaa&liveLookup=false&intext.ids=-1758616245%2C-410687771%2C-1998435519%2C-1187980929%2C230931809%2C-1998435519%3A740%3Ainview%2C-1187980929%3A733%3Ainview%2C230931809%3A729%3Ainview&intext.sets=&intext.bidders=%255B%255D&intext.count=1&intext.internal=false&intext.autoreveal=false
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.31.13.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.97.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-97-1.compute-1.amazonaws.com
Software
nginx / Kormorant
Resource Hash
f60ea4210a46c318e3bb9c01e607f2a4a1910f4e45795e6fdd5ddf996ecfa559
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:08:11 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Powered-By
Kormorant
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
72
ETag
W/"48-+anmECeiPZBwCVsEJrlZXZ2eZD8"
Expires
Fri, 08 Jan 2016 00:00:00 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
7 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
last-modified
Tue, 21 Apr 2020 13:14:32 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1587476365.278689"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
7090
expires
Sat, 23 May 2020 22:04:05 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
last-modified
Tue, 21 Apr 2020 13:14:32 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1587476333.542459"
status
200
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
2735
expires
Sat, 23 May 2020 22:04:05 GMT
l
mcdp-chidc2.outbrain.com/
4 B
377 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=6127397c5c3be576d1f0c3fac03b6c4e_28405_1587679445397&tm=918&eT=0&widgetWidth=970&widgetHeight=694&widgetX=315&widgetY=2746&tpcs=0&wRV=1050195&pVis=1&lsd=7ca0667b-588f-41da-ac0c-58504ece9bd8&eIdx=&cheq=0&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
d7fb3e157c877f4175d0723a2f01b185
Content-Length
30
vidget.js
libs.outbrain.com/vidget/
499 KB
148 KB
Script
General
Full URL
https://libs.outbrain.com/vidget/vidget.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b339d3774d92545b684128f1464ea94756e297ab3a8a579ae4fc39fbeea9d903

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
status
200
pragma
no-cache
last-modified
Wed, 22 Apr 2020 17:31:16 GMT
server
AkamaiNetStorage
etag
"0312e9653c3a3b469f9f9d930d350ba0:1587577655.602583"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Thu, 23 Apr 2020 22:04:05 GMT
streamFeed.js
widgets.outbrain.com/nanoWidget/1050195/module/
45 KB
15 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/1050195/module/streamFeed.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f61b1ba3700b1804ae3b1f49123246d483907ed481dacda12aa40baa6a419e72

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 07:52:33 GMT
server
AkamaiNetStorage
status
200
etag
"1b9d4a5b5dec9d39a90cbe1be9ee9865:1587629496.133139"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
14912
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame F743
0
0
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
obuid=7ca0667b-588f-41da-ac0c-58504ece9bd8; recs_167cc4e1b22acbd599be2199d479244b=0B2561710516A2668632062A2615973553A2255989705A2673160960A2026527585ACD1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
content-type
text/html
etag
"55934d2eee012daae4d5234908aacef9:1586069622.523465"
last-modified
Sun, 05 Apr 2020 06:53:35 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Fri, 24 Apr 2020 22:04:05 GMT
date
Thu, 23 Apr 2020 22:04:05 GMT
content-length
3517
timing-allow-origin
*
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1587679445~rv=42~id=871192c5505823ee090d57ba3816cd47; path=/; Expires=Thu, 23 Apr 2020 22:04:05 GMT; Secure; SameSite=None
get
mv.outbrain.com/Multivac/api/
51 KB
12 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&settings=true&recs=true&widgetJSId=AR_1&key=NANOWDGT01&version=1050195&apv=true&sig=XUWhzdTn&format=html&rand=95365&lsd=7ca0667b-588f-41da-ac0c-58504ece9bd8&lsdt=1587679445479&pdobuid=0&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1YNN&ccpaStat=1&scrW=1600&scrH=1200&t=NjEyNzM5N2M1YzNiZTU3NmQxZjBjM2ZhYzAzYjZjNGU=&winW=1600&winH=1200&adblck=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=10330-0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/1050195/module/streamFeed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c7cf115e67746c51d82a59d06f144ae845dcc4cd9419dd6252465ad8d66529c1

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
traffic-path
CHIDC2, MDW, FRA, Europe2
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-cache-hits
0, 0
x-traceid
691eec58c6143dcb598aed8661ed6e10
content-length
11594
x-served-by
cache-mdw17381-MDW, cache-fra19175-FRA
pragma
no-cache
x-timer
S1587679446.604214,VS0,VE334
vary
Accept-Encoding, User-Agent
content-type
application/json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
backend-ip
157.52.75.81
accept-ranges
bytes, bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
getDocFeatures
videoclientsservicescalls.outbrain.com/
318 B
606 B
Script
General
Full URL
https://videoclientsservicescalls.outbrain.com/getDocFeatures?docId=2046225493&pubId=28405&callback=OB_VidgetServiceCallBack0
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
6f41e585383435a3d37287aca75d4351a53209f5724685b6f167a34458d2d1ac

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:05 GMT
Content-Encoding
gzip
ETag
W/"13e-ogVNq4N1t/rv3b6o54V22Dc0yig"
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Connection
close
X-TraceId
50ebd27e8cd9bd34ed13673c33c91156
ads
securepubads.g.doubleclick.net/gampad/ Frame B3E5
416 B
418 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3881377916271590&correlator=3740468589158071&output=ldjh&impl=fif&adsid=NT&eid=21062832%2C21062900%2C21065392&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200423&iu_parts=7346874%2CNativeAds%2C174&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=2&cookie_enabled=1&cdm=www.pcworld.com&bc=31&abxe=1&lmt=1587679445&dt=1587679445739&dlt=1587679445140&idt=75&ea=0&frm=23&biw=1600&bih=1200&isw=580&ish=75&oid=3&adxs=315&adys=2406&adks=3926454956&ucis=8d6x7cbmv97r&ifi=1&ifk=4230290839&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&top=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&dssz=4&icsg=42&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x90&msz=580x90&ga_vid=1781066029.1587679445&ga_sid=1587679446&ga_hid=426945561&ga_fc=true&fws=256&ohw=0&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
b0b6be374533c011d0cae2655a8005807135d05f30887e70b71a51c23dbfc11a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.pcworld.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020042001.js
securepubads.g.doubleclick.net/gpt/ Frame B3E5
67 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
sffe /
Resource Hash
4e84d85a31c26a182e31a0e7e97f1393690c5b5756a00201ca7752a253c79998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 20:16:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
24855
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:05 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame B3E5
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame B3E5
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a60f9814c02a803c2a17e4599b9bc28e0387b367b90e009e3b53ccb60242cc31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5255
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3E5
14 KB
5 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5F6D
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Thu, 23 Apr 2020 21:35:49 GMT
expires
Fri, 23 Apr 2021 21:35:49 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1696
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/
2 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
last-modified
Tue, 21 Apr 2020 13:14:32 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1587476359.652628"
status
200
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
2326
expires
Sat, 23 May 2020 22:04:05 GMT
vpts.js
static.vidazoo.com/basev/
40 KB
11 KB
Script
General
Full URL
https://static.vidazoo.com/basev/vpts.js
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
cd8eb12655a8ddceb0cf2d593f6bb77a9b7fc22f3c96dce4ed400046564cdf2e

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Apr 2020 12:07:11 GMT
ETag
"1586174831"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=52154
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
10246
X-HW
1587679445.dop111.am5.t,1587679445.cds131.am5.shn,1587679445.cds131.am5.c
crousle-arrow-right.png
widgets.outbrain.com/images/carousel_arrows/
737 B
1 KB
Image
General
Full URL
https://widgets.outbrain.com/images/carousel_arrows/crousle-arrow-right.png
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
67e0217460f25705f93a545a0cd44f94f337eee107f0308408b1978afcae1ab6

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
last-modified
Tue, 21 Apr 2020 13:14:32 GMT
server
AkamaiNetStorage
etag
"924977f0de181f6f364f4b71ba4eaf1e:1587476214.670255"
status
200
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
737
expires
Sat, 23 May 2020 22:04:05 GMT
l
mcdp-chidc2.outbrain.com/
4 B
377 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=94252ef451d585f458a6d891f20fff4d_28405_1587679445702&tm=1396&eT=0&widgetWidth=970&widgetHeight=307&widgetX=315&widgetY=3460&wRV=1050195&pVis=0&lsd=7ca0667b-588f-41da-ac0c-58504ece9bd8&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:06 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
5c98203f388fdab301e6e295596830ca
Content-Length
30
adCarousel.js
widgets.outbrain.com/nanoWidget/1050195/module/
2 KB
1 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/1050195/module/adCarousel.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ff8e9374671e5df3a2becd4a19478191344a1a8edfb1bd56c2d2973da2d1a54b

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:05 GMT
content-encoding
gzip
last-modified
Thu, 23 Apr 2020 07:52:33 GMT
server
AkamaiNetStorage
status
200
etag
"784b803df7940b098c6241efc6fbbf04:1587629473.26966"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
content-length
960
l
mcdp-chidc2.outbrain.com/
4 B
377 B
XHR
General
Full URL
https://mcdp-chidc2.outbrain.com/l?token=80ae75ea238abdf5ba4616a83c98e0c0_28405_1587679445735&tm=1403&eT=0&widgetWidth=970&widgetHeight=710&widgetX=315&widgetY=3788&wRV=1050195&pVis=1&lsd=7ca0667b-588f-41da-ac0c-58504ece9bd8&eIdx=&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:06 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Connection
close
X-TraceId
8ebdd323e26d89e2b3ad75ccc1616069
Content-Length
30
eyJpdSI6ImJlZDZlZjBkZjU2MDc1YjQ5ZWI0MDcxMDlkM2YzZThhMzY4YTRmYmRjODg3NDk4NDZhMWU5MjA0MDYyOWRmOTciLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
36 KB
36 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJlZDZlZjBkZjU2MDc1YjQ5ZWI0MDcxMDlkM2YzZThhMzY4YTRmYmRjODg3NDk4NDZhMWU5MjA0MDYyOWRmOTciLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24f76ac1062a5170b20c81f6c57804077b4efb4466e58f8b0a679d3e22a6bc36
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sat, 18 Apr 2020 00:45:34 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1955752
Connection
keep-alive
X-TraceId
bde642cfbbbfdf26c8a9df334b872092
Timing-Allow-Origin
*
Content-Length
36924
eyJpdSI6ImY0YTdlY2Q3Mjk1MTZjMjUyZmI0ZmEwZWVjODJjOTk4MjEwNGM5OTdlN2JiMThkMzlkYzNjNmY3NTUzYTc3ZjkiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
images.outbrainimg.com/transform/v3/
1 KB
2 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY0YTdlY2Q3Mjk1MTZjMjUyZmI0ZmEwZWVjODJjOTk4MjEwNGM5OTdlN2JiMThkMzlkYzNjNmY3NTUzYTc3ZjkiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4209a1f523177a9246c17338e9fc7a648e8d44f59b256df832aa5b17cef7ebf0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sat, 04 Apr 2020 04:56:06 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=1888209
Connection
keep-alive
X-TraceId
fb96e0b46dffb05b366c0ce50d892f29
Timing-Allow-Origin
*
Content-Length
1428
eyJpdSI6ImIxYTA5MTVmNjgxOGU3OTg2NmY2NzM1YmUzZDI2MjQxNzRjZTE2OTk2YmU4ZGM4MmFmYmFhNDA1ZjdhOTZmYzEiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
37 KB
38 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIxYTA5MTVmNjgxOGU3OTg2NmY2NzM1YmUzZDI2MjQxNzRjZTE2OTk2YmU4ZGM4MmFmYmFhNDA1ZjdhOTZmYzEiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf1871ccc00f388b54e10f740aef8ea3b64923b8cfc18eef9335c7a3db386ab4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 13 Apr 2020 19:28:06 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2103456
Connection
keep-alive
X-TraceId
80edd76034629d707a9148a1e4822d8a
Timing-Allow-Origin
*
Content-Length
38120
eyJpdSI6IjZkMDQ3YTYzN2FkNzhlOTExNGJiYjhkMzVjMmZkNTE2YTEzYjE0MWU1ZDk1MzUwNjAwZjc5ZDBjNGE1YzcwYTkiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
13 KB
13 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZkMDQ3YTYzN2FkNzhlOTExNGJiYjhkMzVjMmZkNTE2YTEzYjE0MWU1ZDk1MzUwNjAwZjc5ZDBjNGE1YzcwYTkiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8fb57c89ebde7c4eddfd9658c4d650a3ce4fd943bc8f12de6a54c8e92475cd2d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 16:13:39 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2183544
Connection
keep-alive
X-TraceId
80c21f7f8dd76fc35e26224992b55781
Timing-Allow-Origin
*
Content-Length
12952
eyJpdSI6IjgzN2Y1OWZlZjRiYWUyNGFiZmRmNzU0MDM3NTc1YjRiOTM0ZTE1ZTAxZDRlYjM3MzBlNTE4ZWI4ZWFlMjFlZDUiLCJ3Ijo0MiwiaCI6NDIsImQiOjEuNSwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/
1 KB
2 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzN2Y1OWZlZjRiYWUyNGFiZmRmNzU0MDM3NTc1YjRiOTM0ZTE1ZTAxZDRlYjM3MzBlNTE4ZWI4ZWFlMjFlZDUiLCJ3Ijo0MiwiaCI6NDIsImQiOjEuNSwiY3MiOjAsImYiOjR9.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d51ba5b4b5e08defa88aeaa0824939747d0bd89b746fb57c4cf6f1cfb72311dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 19:27:30 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1850718
Connection
keep-alive
X-TraceId
bb9d6d1d97e171dd1d3cc6b0910278fe
Timing-Allow-Origin
*
Content-Length
1362
eyJpdSI6ImQ0NDRiOGFiNjFhZjdjNzcyY2I3OGNkMjA4MjA2NDM4MWQyMmVkM2ZmNmFiMTI2NmUwOGQ0YjZmMWQ3YTljYTciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
8 KB
9 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ0NDRiOGFiNjFhZjdjNzcyY2I3OGNkMjA4MjA2NDM4MWQyMmVkM2ZmNmFiMTI2NmUwOGQ0YjZmMWQ3YTljYTciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07ea0e434a4610a7aca32dadfb0a72e23f229650eb422074f2999cf46b8cacb6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 19:59:11 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1850729
Connection
keep-alive
X-TraceId
3f0a03cfbd808d55127fe524d823c3a5
Timing-Allow-Origin
*
Content-Length
8512
eyJpdSI6ImI1Y2NhNmNmYjdhODUxNzRmZmI0NDk3OGU4ODAyOTgxMzM2ODgxMDViMDFkMDM4MDM5N2Y5NzgxOGRhZjRjMmUiLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
9 KB
10 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI1Y2NhNmNmYjdhODUxNzRmZmI0NDk3OGU4ODAyOTgxMzM2ODgxMDViMDFkMDM4MDM5N2Y5NzgxOGRhZjRjMmUiLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65c03f8269632a64df15ef9887406807bddee1b3f06deff1dbb3777e0027b2cd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 19:37:40 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1850710
Connection
keep-alive
X-TraceId
d18bdb0d39bed6fd9dbac021e6b78155
Timing-Allow-Origin
*
Content-Length
9398
eyJpdSI6ImE0YmQ4YzM5NzNhODg2MjAxZjIwZjVkNTc0MWZhMzgzZWYwMDlhOWNiZWI3MmFkYTUyNTBjZGE3OGY0ODg3YzciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
3 KB
3 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE0YmQ4YzM5NzNhODg2MjAxZjIwZjVkNTc0MWZhMzgzZWYwMDlhOWNiZWI3MmFkYTUyNTBjZGE3OGY0ODg3YzciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a512590ee9ceb343f229b06fe7da21f67cc701bdf8790b3e4d03f26f24794f7a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 07:34:30 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1850675
Connection
keep-alive
X-TraceId
bea5ff031dabdb5b01b35292a2c3b75e
Timing-Allow-Origin
*
Content-Length
3094
eyJpdSI6IjQ4YjJhM2U0YTE2NDNkMTk5MzRiMzM4Y2Y5MDEwYmMyNzdkNzkyODE4NjNlODliNGU1ODA3YWVlNzdhOTg4MzciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
3 KB
3 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ4YjJhM2U0YTE2NDNkMTk5MzRiMzM4Y2Y5MDEwYmMyNzdkNzkyODE4NjNlODliNGU1ODA3YWVlNzdhOTg4MzciLCJ3IjozMDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.170.21 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-170-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
092d361acdcbe0f2889fd1735e219a19b0452670d41046c68d93bf8c754f55b3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 05 Apr 2020 07:34:50 GMT
Date
Thu, 23 Apr 2020 22:04:06 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1850802
Connection
keep-alive
X-TraceId
a9ff25d984e5edb17cd0d26176d84d6b
Timing-Allow-Origin
*
Content-Length
2889
gen_204
pagead2.googlesyndication.com/pagead/ Frame B3E5
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042001&jk=3881377916271590&bg=!qKulq7NY71cjz_RCLE8CAAAAN1IAAAAJmQF0oaxvjXTfNA3nGIKngLLxvZFecoBR9iDkfxICcZIzvFTFb1Rh0-lWFwyLfq2YkqF9hHAYEBBNoXBikZTvU9LojkWZccwmI-UKjoyxYGTcWeHogLN7n1iJbIPsZyoHt41m9W0jY9nia9V1On9ncAkpqACKLckn9SRtnkXnGbxV0dTlIqlp_0OxgRVVBW-H2mvMYZt73PvCqmlWyaRNi1rdt43YC2KwVpjA4Dx1pPiJjd_h00AAkGsSIrug2UACHoKu5v3ohp8deWd5zNIxGD2PsoKmBCgS1QBxSp3avmAxbgbyZ5VoBkwcGf3KaGwAwsP_vedNosfq4jH6-jmrMDrKD7-6Mm3YW9y-i50hDNXSLMSo2A4Zsk5ghFNU5DlEfAdXPJaXLvVP3rRteYGU5LFa6rthTjMNP9Ea26Q1ehyxHU_stTH38qUdXFBk7Hru-ZYp3HuZD08nDd57snc6aGOrmldBvPpx83rUg3AVuBbv0B2jfU_1
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
server4.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/
45 KB
25 KB
XHR
General
Full URL
https://server4.vidazoo.com/campaigns/5a9ea5a0225f7d0004c70045/5ae0a5c0da5fdd00042f78f5/json
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.177.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-177-131.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e63dbe7776187b4a0bc6e40fb13a30a881848b5aab64edd3a597e87188a0ad60

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

Date
Thu, 23 Apr 2020 22:04:06 GMT
Content-Encoding
gzip
Server
Cowboy
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.pcworld.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
25531
Via
1.1 vegur
/
eventlog.outbrain.com/logger/v1/widget/
16 B
313 B
XHR
General
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/ Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 23 Apr 2020 22:04:06 GMT
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Powered-By
Express
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
16
/
eventlog.outbrain.com/logger/v1/widget/
16 B
313 B
XHR
General
Full URL
https://eventlog.outbrain.com/logger/v1/widget/
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/ Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 23 Apr 2020 22:04:06 GMT
ETag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
X-Powered-By
Express
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
16
sce
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/sce?inv_code=tan_PCWorld_MOAP&rev=ace1b2d&e=Error%20getting%20gdpr%20CMPData%3A%20There%20was%20an%20error%20in%20the%20publisher%20CMP%20API%3A%20CMP%20getConsentData%20timeout&block=auction&lvl=3&dc=%7B%7D&first=1&cb=40447
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-10-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
auction
tlx.3lift.com/web/ Frame D159
48 B
229 B
Script
General
Full URL
https://tlx.3lift.com/web/auction?inv_code=tan_PCWorld_MOAP&referrer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&rev=ace1b2d&fe=0&ft=0&cb=8751539860
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ace1b2dc493a069d0552475ab6ab0b4b9909008b/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.56.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-56-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
56e2edc9a64a6a3c7fd672c1da3d910e0c8fdf69212995fe2d089f12c83308ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:06 GMT
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, must-revalidate
content-length
48
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
r
eb2.3lift.com/
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/r?inv_code=tan_PCWorld_MOAP&aid=122977494943206803130&rev=ace1b2d&domain=www.pcworld.com&ref=https%253A%252F%252Fwww.pcworld.com%252Farticle%252F162240%252Fthe_gh0st_rat_in_the_machine.html&pr=un&rr=auction&cb=29390
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-10-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
identity
api.rlcdn.com/api/
0
0

sbt.js
static.vidazoo.com/basev/1.0.367/
508 KB
109 KB
Script
General
Full URL
https://static.vidazoo.com/basev/1.0.367/sbt.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
97b3d4f1091dae1786f87ae416382b953be6e3e493e7606de20317aa46441df6

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Apr 2020 12:27:47 GMT
ETag
"1586694467"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=80515
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
110599
X-HW
1587679445.dop111.am5.t,1587679447.cds131.am5.shn,1587679447.dop111.am5.t,1587679447.cds238.am5.c
dab78450-de46-457b-bee0-de94f03d6ebc
https://www.pcworld.com/
1 KB
0
Other
General
Full URL
blob:https://www.pcworld.com/dab78450-de46-457b-bee0-de94f03d6ebc
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
1205
ab05eda3-ca5d-4619-bc43-e41e1dba9fad
https://www.pcworld.com/
1 KB
0
Other
General
Full URL
blob:https://www.pcworld.com/ab05eda3-ca5d-4619-bc43-e41e1dba9fad
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
1515
settings.txt
static.vidazoo.com/basev/
13 KB
9 KB
XHR
General
Full URL
https://static.vidazoo.com/basev/settings.txt
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
57480da8fbbef6d6e46905c6c0c202e10982cbfaae2ed6a6cc9304abf0369676

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Apr 2020 08:32:24 GMT
ETag
"1587630744"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=50671
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/plain
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
8362
X-HW
1587679447.dop143.am5.t,1587679447.cds014.am5.shn,1587679447.cds014.am5.c
outbrain.js
static.vidazoo.com/basev/skins/outbrain/
71 KB
20 KB
Script
General
Full URL
https://static.vidazoo.com/basev/skins/outbrain/outbrain.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Apr 2020 12:23:25 GMT
ETag
"1586175805"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=80515
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
19996
X-HW
1587679445.dop111.am5.t,1587679447.cds131.am5.shn,1587679447.dop111.am5.t,1587679447.cds238.am5.c
blank.mp4
static.vidazoo.com/basev/
891 B
2 KB
Media
General
Full URL
https://static.vidazoo.com/basev/blank.mp4
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Range
bytes 0-890/891
Last-Modified
Mon, 06 Apr 2020 12:07:11 GMT
ETag
"1586174831"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=80515
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
891
X-HW
1587679445.dop111.am5.t,1587679447.cds131.am5.shn,1587679447.dop111.am5.t,1587679447.cds238.am5.c
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c27b11a4844614f6d6e987fa8f18ff24e12f59abe2972869509f57f92bdac135

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.pcworld.com

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/265228.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
420 KB
156 KB
Script
General
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.117 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jan 2020 20:21:58 UTC
Server
nginx
Access-Control-Allow-Headers
ETag
4e88d2917c85501940ef8787730bb9aa
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=292
Connection
keep-alive
Timing-Allow-Origin
*
X-SpotX-Build-Version
1.31.0-20200116.1913
Content-Length
158787

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:07 GMT
Last-Modified
Thu, 23 Apr 2020 22:04:07 UTC
Server
nginx
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
50
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/263588.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
420 KB
156 KB
Script
General
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.117 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-117.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jan 2020 20:21:58 UTC
Server
nginx
Access-Control-Allow-Headers
ETag
4e88d2917c85501940ef8787730bb9aa
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=292
Connection
keep-alive
Timing-Allow-Origin
*
X-SpotX-Build-Version
1.31.0-20200116.1913
Content-Length
158787

Redirect headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:07 GMT
Last-Modified
Thu, 23 Apr 2020 22:04:07 UTC
Server
nginx
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
23
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
static.vidazoo.com/basev/1.0.367/prebid/ Frame 089D
267 KB
84 KB
Script
General
Full URL
https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
d4975634c46a5d77bdf46a8ed69680cdf60eb1b4400e20eb68c3f8388ab9b5bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Content-Encoding
gzip
Last-Modified
Sun, 12 Apr 2020 12:27:46 GMT
ETag
"1586694466"
Access-Control-Allow-Methods
GET, OPTIONS, HEAD
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
max-age=80515
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
85536
X-HW
1587679445.dop111.am5.t,1587679447.cds131.am5.shn,1587679447.dop111.am5.t,1587679447.cds238.am5.c
5e369b45879a340004f7e9e3.mp4
inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5e369b45879a340004f7e9e3/
10 KB
11 KB
Media
General
Full URL
https://inventory.vidazoo.com/5a9ea5a0225f7d0004c70045/5e369b45879a340004f7e9e3/5e369b45879a340004f7e9e3.mp4
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
0d3e39f8fc8dd7dbd323f99696f9e553dc774af283e7ba37d4684eee6d6f0809

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Last-Modified
Sun, 02 Feb 2020 09:52:17 GMT
Access-Control-Allow-Origin
*
ETag
"1580637137"
X-HW
1587679447.dop143.am5.t,1587679447.cds236.am5.shn,1587679447.cds236.am5.c
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Range
bytes 0-10410/10411
Access-Control-Expose-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Cache-Control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
video/mp4
Access-Control-Allow-Headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
Content-Length
10411
digitrust.min.js
cdn.digitru.st/prod/1/
49 KB
14 KB
Script
General
Full URL
https://cdn.digitru.st/prod/1/digitrust.min.js
Requested by
Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.180.84.2 , United States, ASN33047 (INSTART, US),
Reverse DNS
Software
DTOrigin-IL /
Resource Hash
64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 21:48:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 20:51:16 GMT
server
DTOrigin-IL
etag
"4075fa912cfaa93cb7d74358264fe3b9"
status
200
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
cache-control
max-age=86400
x-instart-request-id
17203654683970197366:YBA01-CPVNPPRY12:1587679447:0
x-instart-cache-id
7:17597229340621274344::1587678518
accept-ranges
bytes
content-type
application/javascript
content-length
13632
expires
Fri, 24 Apr 2020 21:48:38 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=dados
  • https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=5a61ac91-85ae-11ea-8253-1860f0711c06
0
589 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=dados&__user_check__=1&sync_id=5a61ac91-85ae-11ea-8253-1860f0711c06
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Thu, 23 Apr 2020 22:04:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
112
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
Server
nginx
Location
/partner?source=dados&__user_check__=1&sync_id=5a61ac91-85ae-11ea-8253-1860f0711c06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
dt.html
cdn.digitru.st/prod/1.5.41/ Frame 1D80
0
0
Document
General
Full URL
https://cdn.digitru.st/prod/1.5.41/dt.html
Requested by
Host: cdn.digitru.st
URL: https://cdn.digitru.st/prod/1/digitrust.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.180.84.2 , United States, ASN33047 (INSTART, US),
Reverse DNS
Software
DTOrigin-IL /
Resource Hash

Request headers

:method
GET
:authority
cdn.digitru.st
:scheme
https
:path
/prod/1.5.41/dt.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
content-type
text/html
content-length
1951
expires
Fri, 24 Apr 2020 21:48:38 GMT
last-modified
Wed, 08 Jan 2020 20:51:16 GMT
cache-control
max-age=86400
content-encoding
gzip
date
Thu, 23 Apr 2020 21:48:38 GMT
accept-ranges
bytes
etag
"9223f2606b924de3a6346b0126773a9e"
x-instart-cache-id
8:7171987066363576118::1587678517
x-instart-request-id
6391864383515080553:YBA01-CPVNPPRY12:1587679447:0
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
*
server
DTOrigin-IL
265228
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/265228
Requested by
Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
X-SpotX-Timing-Transform
0.000286
X-SpotX-Timing-SpotMarket
0.006995
X-SpotX-Timing-Page-Mux
0.000302
X-SpotX-Timing-Page-Require
0.000308
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.013433
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003291
Last-Modified
Thu, 23 Apr 2020 22:04:07 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006995
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.pcworld.com
X-SpotX-Timing-Page-Misc
0.002212
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
263588
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/263588
Requested by
Host: aka.spotxcdn.com
URL: https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 23 Apr 2020 22:04:07 GMT
X-SpotX-Timing-Transform
0.000268
X-SpotX-Timing-SpotMarket
0.007476
X-SpotX-Timing-Page-Mux
0.000357
X-SpotX-Timing-Page-Require
0.000332
X-fe
042
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000026
X-SpotX-Timing-Page
0.016359
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003233
Last-Modified
Thu, 23 Apr 2020 22:04:07 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007476
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.pcworld.com
X-SpotX-Timing-Page-Misc
0.004653
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aggregate
bis.vidazoo.com/
0
464 B
XHR
General
Full URL
https://bis.vidazoo.com/aggregate?_=1587679448200
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/sbt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.243.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-243-28.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 23 Apr 2020 22:04:08 GMT
Via
1.1 vegur
Server
Cowboy
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/plain
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
trk.gif
jadserve.postrelease.com/
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=daf9ef61-90c3-4e59-89e8-eb0966edb699&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ntv_ht=1RCiXgA&ntv_at=808&ntv_a=AAAAAAAAAAaQIMA&ntv_sat=5&ord=1587679448315&ntv_it
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.137.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-137-236.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:08 GMT
server
nginx/1.12.1
status
200
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 089D
24 B
988 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=419498&v=8.1&r=%7B%22id%22%3A%2217dfd6fb0db87e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225b19804d2b1c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22419498%22%2C%22sid%22%3A%22639x292%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A639%2C%22h%22%3A292%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22outbrain.com%22%2C%22sid%22%3A%2200754848a7392526f220d8aadd28083864%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bfcc7926b83be5bf9f1961c6f993558dc5abe2e7e3730bacda178b45eeb3b2a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:25 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.pcworld.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
44
Expires
Thu, 23 Apr 2020 22:04:25 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame 089D
92 B
474 B
XHR
General
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=9fff869c-e97f-4692-91fe-37461fd6edfe&nocache=1587679465327&schain=1.0%2C1!outbrain.com%2C00754848a7392526f220d8aadd28083864%2C1%2C%2C%2C&auid=540492000&vwd=639&vht=292&vos=101&
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.184.0 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:25 GMT
via
1.1 google
server
OXGW/16.184.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.pcworld.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 089D
0
0

pd
u.openx.net/w/1.0/ Frame 7DE0
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.184.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=f59d8525-a711-0f4d-1bd9-7096184abb80|1587679465
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=f59d8525-a711-0f4d-1bd9-7096184abb80|1587679465; Version=1; Expires=Fri, 23-Apr-2021 22:04:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587679465|mOgikimWiygu; Version=1; Expires=Fri, 08-May-2020 22:04:25 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.184.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 23 Apr 2020 22:04:25 GMT
content-type
text/html
content-length
374
content-encoding
gzip
via
1.1 google
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame 4C53
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
Apache
Last-Modified
Mon, 19 Jun 2017 19:18:19 GMT
ETag
"e20015-112-55254ff6a1972"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
211
Date
Thu, 23 Apr 2020 22:04:25 GMT
Connection
keep-alive
aniview.js
player.aniview.com/script/6.1/
21 KB
8 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3100:3a5::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
UploadServer /
Resource Hash
bdb83acfc2d3c9edfed8ae0c0b362107e99c91da1bf090c6beef0beb2a88cc5e

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:27 GMT
content-encoding
gzip
x-guploader-uploadid
AAANsUmT9wWfvicL_x3rZG7QecWvhumDDQ8-PJHUwuu-2n7oDs1tqonbBhOfUhGnieZok6LZ5gkofdxB5BoVF4DqYFi2oF84ag
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
7983
last-modified
Thu, 23 Apr 2020 07:39:33 GMT
server
UploadServer
etag
"3a5ca89435752942e626d3f1f773464e"
vary
Accept-Encoding
x-goog-hash
crc32c=6wBUrw==, md5=OlyolDV1KULmJtPx93NGTg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1587627573681440
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
7983
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Apr 2020 22:09:27 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame DB0C
333 KB
96 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3100:3a5::2c79 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
UploadServer /
Resource Hash
b7350ce75a64d101a238f064385519d7133625f81f1c9efaf38381c6675695ee

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:27 GMT
content-encoding
gzip
x-guploader-uploadid
AAANsUkXpDTSlGo3_jY6WmsU2eauLL59UhkGJzxOubUWrTBQ4dFH271cyGfgviNKTxis476ytRcQInLRVLoESODH110
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
97770
last-modified
Thu, 23 Apr 2020 07:39:32 GMT
server
UploadServer
etag
"e9563608d7e33f7e9a4ab05ab622bcf8"
vary
Accept-Encoding
x-goog-hash
crc32c=OwAZKw==, md5=6VY2CNfjP36aSrBatiK8+A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1587627572424062
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
97770
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Apr 2020 22:09:27 GMT
track
track1.aniview.com/ Frame DB0C
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.pcworld.com&sn=28405&cd1=AR_1&cd2=10330-0&cd3=154215&cd4=footer&ic=0&tgt=0&app=&wi=639&he=292&test=&apppkg=&fv=3&proto=https&pid=58a5addb28a0612d3529bc5e&cid=5cefc4be28a0610267719ed8&e=inventory&vi=0&cb=1587679467282
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.75.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-75-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
observe.aniview.com/api/adserver/tag/ Frame DB0C
12 KB
2 KB
XHR
General
Full URL
https://observe.aniview.com/api/adserver/tag/?AV_SUBID=28405&AV_CDIM1=AR_1&AV_UID=6127397c5c3be576d1f0c3fac03b6c4e&AV_CDIM2=10330-0&AV_CDIM3=154215&AV_CDIM4=footer&AV_SCHAIN=1.0%2C1!outbrain.com%2C00754848a7392526f220d8aadd28083864%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&AV_CHANNELID=5cefc4be28a0610267719ed8&format=json&tgt=0&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.pcworld.com&AV_DADPOS=3&v=6.1.1.243&avtoken=467282&AV_WIDTH=639&AV_HEIGHT=292&cb=1587679467293
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.154.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-154-26.compute-1.amazonaws.com
Software
/
Resource Hash
6565044c8634f7a7dd28ba108f8e1ef8d344f2b23332d11b55965634ec23df69

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:27 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.pcworld.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sun, 12 Apr 2020 08:17:47 GMT
truncated
/
581 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
tag
q017o-wfv89.ads.tremorhub.com/ad/ Frame DB0C
Redirect Chain
  • https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&cust...
  • https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&cust...
949 B
1 KB
XHR
General
Full URL
https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467632&_tur=T
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:5ba:f6db:f8d:c3e0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:27 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
status
403
content-language
en
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949

Redirect headers

date
Thu, 23 Apr 2020 22:04:27 GMT
server
Apache-Coyote/1.1
status
302
location
https://q017o-wfv89.ads.tremorhub.com/ad/tag?adCode=q017o-k87q1&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467632&_tur=T
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
content-length
0
avjp
outbrain-d.openx.net/v/1.0/ Frame DB0C
92 B
293 B
XHR
General
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&jr=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=1587679467633&nocache=1587679467634&schain=1.0%2C1!outbrain.com%2C00754848a7392526f220d8aadd28083864%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A639%2C%22h%22%3A292%7D%7D%5D%2C%22w%22%3A639%2C%22v%22%3A292%7D&auid=540837254&vwd=639&vht=292&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.184.0 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:27 GMT
via
1.1 google
server
OXGW/16.184.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.pcworld.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
outbrain-d.openx.net/v/1.0/ Frame DB0C
92 B
293 B
XHR
General
Full URL
https://outbrain-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&jr=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=1587679467634&nocache=1587679467634&schain=1.0%2C1!outbrain.com%2C00754848a7392526f220d8aadd28083864%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22w%22%3A639%2C%22h%22%3A292%7D%7D%5D%2C%22w%22%3A639%2C%22v%22%3A292%7D&auid=540837254&vwd=639&vht=292&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.184.0 /
Resource Hash
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:27 GMT
via
1.1 google
server
OXGW/16.184.0
status
200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.pcworld.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
92
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame DB0C
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Thu, 23 Apr 2020 22:04:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://www.pcworld.com
cygnus
as-sec.casalemedia.com/ Frame DB0C
23 B
1 KB
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=422099&v=8.1&r=%7B%22id%22%3A%221587679467636%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221587679467636%22%2C%22ext%22%3A%7B%22siteID%22%3A%22422099%22%2C%22sid%22%3A%22639x292%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A639%2C%22h%22%3A292%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%2200754848a7392526f220d8aadd28083864%22%2C%22rid%22%3A%22%22%2C%22name%22%3A%22%22%2C%22asi%22%3A%22outbrain.com%22%2C%22domain%22%3A%22%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03ee156150f3b71f89526f9bfab307348c02c551d136a8347c2121cb631d8384

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.pcworld.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Thu, 23 Apr 2020 22:04:27 GMT
tag
q017o-ootbn.ads.tremorhub.com/ad/ Frame DB0C
Redirect Chain
  • https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&cust...
  • https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&cust...
949 B
1 KB
XHR
General
Full URL
https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467636&_tur=T
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:42a:a8ed:cc8a:b5e1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:27 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
status
403
content-language
en
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
x-tremorvideo-status
REJECTED_BY_SEAT_QPS_LIMIT
content-type
text/html;charset=utf-8
content-length
949

Redirect headers

date
Thu, 23 Apr 2020 22:04:27 GMT
server
Apache-Coyote/1.1
status
302
location
https://q017o-ootbn.ads.tremorhub.com/ad/tag?adCode=q017o-d6orw&playerWidth=639&playerHeight=292&srcPageUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&custom=AR_1&c2=28405&c3=154215&c4=10330-0&gdpr=1&gdpr_consent=2&schain=1.0,1!outbrain.com,00754848a7392526f220d8aadd28083864,1,,,&cbb=7679467636&_tur=T
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.pcworld.com
access-control-allow-credentials
true
content-length
0
258527
search.spotxchange.com/openrtb/2.3/dados/ Frame DB0C
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/258527
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Apr 2020 22:04:27 GMT
X-SpotX-Timing-Transform
0.000308
X-SpotX-Timing-SpotMarket
0.007234
X-SpotX-Timing-Page-Mux
0.000251
X-SpotX-Timing-Page-Require
0.000318
X-fe
035
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000032
X-SpotX-Timing-Page
0.014000
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003116
Last-Modified
Thu, 23 Apr 2020 22:04:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007234
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.pcworld.com
X-SpotX-Timing-Page-Misc
0.002724
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
257079
search.spotxchange.com/openrtb/2.3/dados/ Frame DB0C
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/257079
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Apr 2020 22:04:27 GMT
X-SpotX-Timing-Transform
0.000298
X-SpotX-Timing-SpotMarket
0.007102
X-SpotX-Timing-Page-Mux
0.000247
X-SpotX-Timing-Page-Require
0.000448
X-fe
141
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.013968
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.003438
Last-Modified
Thu, 23 Apr 2020 22:04:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007102
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.pcworld.com
X-SpotX-Timing-Page-Misc
0.002395
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame DB0C
23 B
1 KB
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=438313&v=8.1&r=%7B%22id%22%3A%221587679467637%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221587679467637%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438313%22%2C%22sid%22%3A%22639x292%22%7D%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A639%2C%22h%22%3A292%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%2200754848a7392526f220d8aadd28083864%22%2C%22rid%22%3A%22%22%2C%22name%22%3A%22%22%2C%22asi%22%3A%22outbrain.com%22%2C%22domain%22%3A%22%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
68a82d058ee6e3dd8bf0d0fa0f7cdfc5644cae006bb1e50809ef6de5e3e388be

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.pcworld.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
43
Expires
Thu, 23 Apr 2020 22:04:27 GMT
track
track1.aniview.com/ Frame DB0C
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.pcworld.com&rs=www.pcworld.com&sid=68195&t=1587679467&cip=185.217.171.12&sn=28405&tgt=0&osv=10.14.5&bv=74.0&brn=Chrome&wi=639&he=292&app=&AV_PUBLISHERID=58a5addb28a0612d3529bc5e&test=&aafaid=&proto=https&uid=4e0ccf7f9e73242a92d364b6f59eeb2e&imid=e6dafebf16c56bcf04aa109eb73cbabd224974523751723148170&fpo=1&cb=73319472839&cd3=154215&cd4=footer&cd1=AR_1&cd2=10330-0&d9=1000&AV_WIDTH=639&AV_HEIGHT=292&nid=58a5addb28a0612d3529bc5e&ncid=5cefc4be28a0610267719ed8&e=request&cb=1587679467638&asid=5cefc73b28a06160261d4604%2C5d62749b28a061737d7ff0cd%2C5d6fb3f928a0614888084556%2C5ddba95528a0612e6e3e7557%2C5deccd1b28a06130f22f37ac%2C5df62cf928a061366a090fd2%2C5ceb8f1328a06140e11e2507%2C5cced0b928a06103fa5d684d%2C5df8e96028a0612b93212cd7
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.75.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-75-104.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:27 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pd
u.openx.net/w/1.0/ Frame 527A
0
0
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.184.0 /
Resource Hash

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/pd
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=f59d8525-a711-0f4d-1bd9-7096184abb80|1587679465; pd=v2|1587679465|mOgikimWiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=f59d8525-a711-0f4d-1bd9-7096184abb80|1587679465; Version=1; Expires=Fri, 23-Apr-2021 22:04:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587679465.2|kimWiymOgugi.fcgqsLomgen0; Version=1; Expires=Fri, 08-May-2020 22:04:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.184.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 23 Apr 2020 22:04:27 GMT
content-type
text/html
content-length
355
content-encoding
gzip
via
1.1 google
alt-svc
clear
showad.js
ads.pubmatic.com/AdServer/js/ Frame D5DF
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=58a5addb28a0612d3529bc5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

Last-Modified
Tue, 14 Apr 2020 10:27:52 GMT
ETag
"13006b6-a4bb-5a33da6f1a023"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
15243
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=130835
Expires
Sat, 25 Apr 2020 10:25:02 GMT
Date
Thu, 23 Apr 2020 22:04:27 GMT
Connection
keep-alive
Vary
Accept-Encoding
tag
a.teads.tv/page/108803/
7 KB
2 KB
Script
General
Full URL
https://a.teads.tv/page/108803/tag
Requested by
Host: libs.outbrain.com
URL: https://libs.outbrain.com/vidget/vidget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.115 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e26208c75ab34c86b46d8ba7aeb66dc26274538ef1a978f97001a537e18d76a8

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:28 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
1850
expires
Thu, 23 Apr 2020 23:04:28 GMT
teads-format.min.js
a.teads.tv/media/format/v3/
663 KB
140 KB
Script
General
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/108803/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.115 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d9ca1438657fd03d5f135e97a2c0d41b6d4be97d294b83d2ec3c2b5d0f2eb14

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:28 GMT
content-encoding
br
last-modified
Thu, 23 Apr 2020 11:31:13 GMT
x-amz-request-id
B3B58F3B2544356C
etag
"186d4477325c8b4948a25517b00d24bf"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
6
accept-ranges
bytes
content-length
142954
x-amz-id-2
cS3HHmHSjeY6FQ+2SDJgckzXbnkUjXJJE+TBFJNgupbOxN2xPdTWQt2wHX13IyrIlzcIooFvNjc=
expires
Thu, 23 Apr 2020 22:34:28 GMT
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=placementCall&ts=1587679468670&pageId=108803&pid=118265&env=js-web&pfid=[pfid]&f=1&auctid=85d8a6ef-ff44-4fb4-95a0-c2ad61b5d3d2&fv=333&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.115 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:28 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
track
t.teads.tv/
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=slotAvailable&ts=1587679468670&pageId=108803&pid=118265&env=js-web&pfid=[pfid]&f=1&slot=native&auctid=85d8a6ef-ff44-4fb4-95a0-c2ad61b5d3d2&fv=333&referer=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.115 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:28 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Sat, 26 Jul 1997 05:00:00 GMT
ad
a.teads.tv/page/108803/
488 B
660 B
XHR
General
Full URL
https://a.teads.tv/page/108803/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&page=%7B%22id%22%3A108803%2C%22placements%22%3A%5B%7B%22id%22%3A118265%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A639%2C%22height%22%3A359%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A23%2C%22consent%22%3A%22%22%2C%22reason%22%3A231%7D%7D&auctid=85d8a6ef-ff44-4fb4-95a0-c2ad61b5d3d2&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=30
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.169.115 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-169-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
27fde44068bd4c5d0c82b71f10cc792d7f532e1bcfc6e3aab812670c86abc8d3

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Apr 2020 22:04:29 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.pcworld.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
339
expires
Thu, 23 Apr 2020 22:04:29 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=60763124&cs_ucfr=
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-97-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:29 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1587679468931&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=60763124&cs_ucfr=
Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:29 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
iframe
sync.teads.tv/ Frame B2E1
0
0
Document
General
Full URL
https://sync.teads.tv/iframe?pid=118265&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:231}&fromFormat=true&env=js-web&vid=270d4c2c-4bc6-4414-a0f9-b3c9212ba8e8&1587679469030
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?pid=118265&gdprIab={%22status%22:23,%22consent%22:%22%22,%22reason%22:231}&fromFormat=true&env=js-web&vid=270d4c2c-4bc6-4414-a0f9-b3c9212ba8e8&1587679469030
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cs=1; tt_viewer=270d4c2c-4bc6-4414-a0f9-b3c9212ba8e8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.9
vary
Accept-Encoding
content-encoding
gzip
expires
Thu, 23 Apr 2020 22:04:29 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 23 Apr 2020 22:04:29 GMT
content-length
622
set-cookie
tt_bluekai=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Fri, 24 Apr 2020 22:04:29 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
sync
eb2.3lift.com/ Frame 0C2F
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&cb=51695
  • https://eb2.3lift.com/sync?max=10&cb=51695&ld=1
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?max=10&cb=51695&ld=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ace1b2dc493a069d0552475ab6ab0b4b9909008b/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.10.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-10-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?max=10&cb=51695&ld=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=8581330282545650930
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:34 GMT
content-type
text/html; charset=utf-8
content-length
457
set-cookie
sync=CgoIgQIQ3-TIyJouCgoIoQEQ3-TIyJouCgoI4gEQ3-TIyJouCgoI5gEQ3-TIyJouCgoI1gEQ3-TIyJouCgkIOhDf5MjImi4KCQgLEN_kyMiaLgoKCM4BEN_kyMiaLgoJCF8Q3-TIyJouCgkIHxDf5MjImi4=; Max-Age=7776000; Expires=Wed, 22 Jul 2020 22:04:34 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8581330282545650930; Max-Age=7776000; Expires=Wed, 22 Jul 2020 22:04:34 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

status
302
date
Thu, 23 Apr 2020 22:04:34 GMT
content-length
0
set-cookie
tluid=8581330282545650930; Max-Age=7776000; Expires=Wed, 22 Jul 2020 22:04:34 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location
/sync?max=10&cb=51695&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
connatix.renderer.infeed.min.js
cdn.connatix.com/min/
957 B
1 KB
Script
General
Full URL
https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by
Host: www.pcworld.com
URL: https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
f48770a2af9e2c710b87c44950c0a19a900d7f57690265886c9d25639558f055

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:34 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19183-FRA
x-cache
HIT
content-type
application/javascript
status
200
x-referer-host
pcworld.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1587679474.261411,VS0,VE0
content-length
957
retry-after
0
x-cache-hits
0
connatix.renderer.infeed.min_dc.js
cdns.connatix.com/p/1944/min/ Frame 6D06
726 KB
191 KB
Script
General
Full URL
https://cdns.connatix.com/p/1944/min/connatix.renderer.infeed.min_dc.js
Requested by
Host: cdn.connatix.com
URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2511ba7489f690890a23399b428011b1691b79278dddf2c53f9221cc19606e72

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:34 GMT
content-encoding
gzip
age
127242
x-cache
HIT, HIT
status
200
content-length
195701
x-served-by
cache-dca17733-DCA, cache-fra19183-FRA
access-control-allow-origin
*
last-modified
Wed, 22 Apr 2020 10:42:50 GMT
x-timer
S1587679474.296813,VS0,VE0
etag
"8b4eb60dfe8d07a573a61a8e79999196"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 7520
g
ck.connatix.com/
46 B
104 B
Script
General
Full URL
https://ck.connatix.com/g?callback=cnxJSONP_75645168daf61bb547531587679474424
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1944/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e97cc76a9f1fb6abe8679ef2111e55dd7b0cdd9981cdffcdc056b58edefe1d3a

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:34 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-fra19183-FRA
x-cache
HIT
status
200
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1587679474.455143,VS0,VE0
content-length
46
retry-after
0
x-cache-hits
0
pls
core.connatix.com/ Frame 6D06
4 KB
2 KB
Script
General
Full URL
https://core.connatix.com/pls?callback=jQuery32105769268381431929_1587679474420&token=4e5961ed-0324-48db-be9c-4ac254530014&p=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c_v=1944_1_0_0_0&page_guid=305ce5d97a47a711bd6e1587679474470&spp=1&_=1587679474421
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1944/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.183.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-183-211.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e4c11f5bef24752ad5aa0310faef966c431a027a40ceb703dfcad04ca208afd0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 23 Apr 2020 22:04:34 GMT
content-encoding
gzip
server
nginx/1.15.9 (Ubuntu)
access-control-allow-origin
*
1.jpg
i.connatix.com/s3/connatix-uploads/d093b16b-9b3e-4d90-b97c-8085d01e74c6/
14 KB
14 KB
Image
General
Full URL
https://i.connatix.com/s3/connatix-uploads/d093b16b-9b3e-4d90-b97c-8085d01e74c6/1.jpg?mode=stretch&connatiximg=true&scale=both&height=225&width=400
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
017ecacd47438f10cfbc12a9388ad99c2889257df82924f07ab8d90ed3d3b3aa

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:34 GMT
via
1.1 varnish, 1.1 varnish
age
64152
x-served-by
cache-sjc10023-SJC, cache-fra19183-FRA
status
200
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-timer
S1587679475.897836,VS0,VE0
content-length
14482
x-cache-hits
1, 1
1_360_1.mp4
v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/
3 MB
0
Media
General
Full URL
https://v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/1_360_1.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
xvlxY._BWeQn6f7LE8t3oRZMOO7YSW6o
via
1.1 varnish, 1.1 varnish
etag
"2f6ec5b8be11e2155fd26e82d5d23d1b-54"
age
64134
x-cache
HIT, HIT
status
206
Content-Length
281650966
x-served-by
cache-sjc10033-SJC, cache-fra19126-FRA
Content-Range
bytes 0-281650965/281650966
last-modified
Thu, 23 Apr 2020 04:02:54 GMT
x-timer
S1587679475.000026,VS0,VE0
date
Thu, 23 Apr 2020 22:04:35 GMT
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
0, 9444
1_0.vtt
v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/
83 KB
83 KB
TextTrack
General
Full URL
https://v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/1_0.vtt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
017a34f74ce0ffbfba504c7af87b054d8afc3b432170a7c6d9da45b5660d1118

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Origin
https://www.pcworld.com

Response headers

x-amz-version-id
PHMVZssLvLHIfD4ZZ5Icx87J3uuqXWFr
via
1.1 varnish, 1.1 varnish
etag
"7c429d2b233c46febb51eee66f1f766e"
age
64153
x-cache
HIT, HIT
status
200
access-control-max-age
3000
content-length
84833
x-served-by
cache-sjc10051-SJC, cache-fra19126-FRA
last-modified
Thu, 23 Apr 2020 03:29:12 GMT
x-timer
S1587679475.000009,VS0,VE1
date
Thu, 23 Apr 2020 22:04:35 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
POST, PUT, DELETE, GET
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 2
1_360_1.mp4
v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/
0
0
Media
General
Full URL
https://v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/1_360_1.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
xvlxY._BWeQn6f7LE8t3oRZMOO7YSW6o
via
1.1 varnish, 1.1 varnish
etag
"2f6ec5b8be11e2155fd26e82d5d23d1b-54"
age
64134
x-cache
HIT, HIT
status
206
Content-Length
281650966
x-served-by
cache-sjc10033-SJC, cache-fra19126-FRA
Content-Range
bytes 0-281650965/281650966
last-modified
Thu, 23 Apr 2020 04:02:54 GMT
x-timer
S1587679475.999926,VS0,VE0
date
Thu, 23 Apr 2020 22:04:35 GMT
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
0, 9443
1_0.vtt
v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/
83 KB
83 KB
TextTrack
General
Full URL
https://v.connatix.com/d093b16b-9b3e-4d90-b97c-8085d01e74c6/1_0.vtt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
017a34f74ce0ffbfba504c7af87b054d8afc3b432170a7c6d9da45b5660d1118

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
Origin
https://www.pcworld.com

Response headers

x-amz-version-id
PHMVZssLvLHIfD4ZZ5Icx87J3uuqXWFr
via
1.1 varnish, 1.1 varnish
etag
"7c429d2b233c46febb51eee66f1f766e"
age
64153
x-cache
HIT, HIT
status
200
access-control-max-age
3000
content-length
84833
x-served-by
cache-sjc10051-SJC, cache-fra19126-FRA
last-modified
Thu, 23 Apr 2020 03:29:12 GMT
x-timer
S1587679475.000006,VS0,VE1
date
Thu, 23 Apr 2020 22:04:35 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
POST, PUT, DELETE, GET
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 2
r
trk.connatix.com/ Frame 6D06
0
162 B
Image
General
Full URL
https://trk.connatix.com/r?connatix_sess=InSTi1qTVJJmjs4-hLvlTbFdYq7kgOeyLSfOLojxkwgklUQM8CpNUCXzPmvXEEUi1pn37e2gNRsIBuGk3xcB5_F_Mg89f1IZ9Sl1ule1PWd-xp1LX4fS0qxWtf-I9gtb7NEz2UjX0OPZGfsUoHdE8qpes8AkI5fMusQWUhF88GhVTyrprUHKq1cydfem1CiC&videoID=1111894&c_pl=W07wLIJJlQHLyJBS5QLeNPs77ej23XswGYYtLC5OvQ6LzLNa3aFT6SJGHOnhQDgYKwod-sScG3GEYbzqOMyjZf31MVAFr3W8ZYSYQx7UEC1NiJNLhr-mtXluOyHxTcIJ1I43HGcazT2oz_ud-wvBqhSYS8kGx_OgnaGoHIK3TZwq4fNG_XNGrOZvP0x2CHAjCS5Z0hUzs7n-3vupBJ82soMkkp-IOfn26pOVwTd87zPV1VF6AnxrSmNIURYbSOZEcsysupC6mYSr-_3q6OUkEA&p=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c_v=1944_1_0_0_0&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.68.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-68-76.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Apr 2020 22:04:35 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
vwt
trk.connatix.com/ Frame 6D06
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?c_pl=W07wLIJJlQHLyJBS5QLeNPs77ej23XswGYYtLC5OvQ6LzLNa3aFT6SJGHOnhQDgYKwod-sScG3GEYbzqOMyjZf31MVAFr3W8ZYSYQx7UEC1NiJNLhr-mtXluOyHxTcIJ1I43HGcazT2oz_ud-wvBqhSYS8kGx_OgnaGoHIK3TZwq4fNG_XNGrOZvP0x2CHAjCS5Z0hUzs7n-3vupBJ82soMkkp-IOfn26pOVwTd87zPV1VF6AnxrSmNIURYbSOZEcsysupC6mYSr-_3q6OUkEA&id_cl=1ee7f20c50400ba22d3e1587679474971&c_vid=1111894&connatix_sess=InSTi1qTVJJmjs4-hLvlTbFdYq7kgOeyLSfOLojxkwgklUQM8CpNUCXzPmvXEEUi1pn37e2gNRsIBuGk3xcB5_F_Mg89f1IZ9Sl1ule1PWd-xp1LX4fS0qxWtf-I9gtb7NEz2UjX0OPZGfsUoHdE8qpes8AkI5fMusQWUhF88GhVTyrprUHKq1cydfem1CiC&p=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c_v=1944_1_0_0_0&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.68.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-68-76.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Apr 2020 22:04:35 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
vwt
trk.connatix.com/ Frame 6D06
0
162 B
Image
General
Full URL
https://trk.connatix.com/vwt?connatix_sess=InSTi1qTVJJmjs4-hLvlTbFdYq7kgOeyLSfOLojxkwgklUQM8CpNUCXzPmvXEEUi1pn37e2gNRsIBuGk3xcB5_F_Mg89f1IZ9Sl1ule1PWd-xp1LX4fS0qxWtf-I9gtb7NEz2UjX0OPZGfsUoHdE8qpes8AkI5fMusQWUhF88GhVTyrprUHKq1cydfem1CiC&c_vid=1111894&c_pl=W07wLIJJlQHLyJBS5QLeNPs77ej23XswGYYtLC5OvQ6LzLNa3aFT6SJGHOnhQDgYKwod-sScG3GEYbzqOMyjZf31MVAFr3W8ZYSYQx7UEC1NiJNLhr-mtXluOyHxTcIJ1I43HGcazT2oz_ud-wvBqhSYS8kGx_OgnaGoHIK3TZwq4fNG_XNGrOZvP0x2CHAjCS5Z0hUzs7n-3vupBJ82soMkkp-IOfn26pOVwTd87zPV1VF6AnxrSmNIURYbSOZEcsysupC6mYSr-_3q6OUkEA&p=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c_v=1944_1_0_0_0&spp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.68.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-68-76.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Apr 2020 22:04:35 GMT
Server
nginx/1.15.9 (Ubuntu)
Connection
keep-alive
Content-Length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6D06
264 KB
90 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdns.connatix.com
URL: https://cdns.connatix.com/p/1944/min/connatix.renderer.infeed.min_dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
420b0da3f4e41827174f892bfe3c46a2b9bec8675f53549b1b556d06032e567e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
91808
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:35 GMT
bridge3.382.1_en.html
imasdk.googleapis.com/js/core/ Frame 3E13
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.382.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
198152
date
Thu, 23 Apr 2020 17:38:34 GMT
expires
Fri, 23 Apr 2021 17:38:34 GMT
last-modified
Wed, 22 Apr 2020 19:30:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15961
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
client.js
s0.2mdn.net/instream/video/ Frame 6D06
26 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 22:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10523
x-xss-protection
0
expires
Thu, 23 Apr 2020 22:04:35 GMT
integrator.js
adservice.google.com/adsid/ Frame 6D06
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pcworld.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Apr 2020 22:04:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
p2
sb.scorecardresearch.com/ Frame 6D06
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&ns...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&n...
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=3886000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_1111894&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1587679475607&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=AMD%20B550%20motherboards%20and%203rd-gen%20Ryzen%203%20CPUs%2C%20finding%20old%20PC%20hardware%20%7C%20The%20Full%20Nerd%20ep.%20136&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c8=&c9=&cs_ucfr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-97-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:35 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17958079&ns_ap_an=ConnatixWeb&ns_ap_bi=*null&ns_type=hidden&ns_st_sv=6.1.1.171219&ns_st_smv=5.8&ns_st_it=r&ns_st_id=1587679475606&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=3886000&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.1.1.171219&ns_st_pn=1&ns_st_tp=0&ns_st_ci=v_1111894&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_ts=1587679475607&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=1&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=AMD%20B550%20motherboards%20and%203rd-gen%20Ryzen%203%20CPUs%2C%20finding%20old%20PC%20hardware%20%7C%20The%20Full%20Nerd%20ep.%20136&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc11&ns_st_ge=*null&ns_st_st=*null&ns_st_ce=*null&ns_st_ia=*null&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Connatix&ns_st_ti=*null&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Fwww.pcworld.com%2Farticle%2F162240%2Fthe_gh0st_rat_in_the_machine.html&c8=&c9=&cs_ucfr=0
Pragma
no-cache
Date
Thu, 23 Apr 2020 22:04:35 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
bridge3.382.1_en.html
imasdk.googleapis.com/js/core/ Frame C794
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.382.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
198152
date
Thu, 23 Apr 2020 17:38:34 GMT
expires
Fri, 23 Apr 2021 17:38:34 GMT
last-modified
Wed, 22 Apr 2020 19:30:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15961
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
bridge3.382.1_en.html
imasdk.googleapis.com/js/core/ Frame 0EB2
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.382.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.382.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.pcworld.com/article/162240/the_gh0st_rat_in_the_machine.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
198152
date
Thu, 23 Apr 2020 17:38:34 GMT
expires
Fri, 23 Apr 2021 17:38:34 GMT
last-modified
Wed, 22 Apr 2020 19:30:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
15962
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.adsafeprotected.com
URL
https://cdn.adsafeprotected.com/iasPET.1.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
ads.adaptv.advertising.com
URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=OutbrainHB

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getQueryVariable function| $ function| jQuery function| getApolloLocaleSlugMap function| getApolloLocaleIdMap function| getApolloLocaleDescMap function| getApolloLocaleBrandMap function| getCountryCodeLocaleMap function| getCookie function| setCookie function| getFastlyCountryCode function| getLocaleFromCountryCode function| getAutoLocale function| getSelectedLocale function| setSelectedLocale function| browserLocaleError function| setBrowserLocale function| getRedirectLocale function| getBrowserLocale function| getLocale function| __cmp object| consent object| dataLayer object| _sp_ function| __uspapi object| _sp_ccpa object| __core-js_shared__ object| core function| getConsentInfo function| idgCMPSourcepointCallback function| runQueue function| watchConsentQueue function| bindReshowCmp object| jQuery1102016439839856514804 string| twitterUrl string| linkedInUrl string| facebookUrl string| youTubeUrl string| twitterHandle string| busUnit string| localeEdition string| busUnitAddress object| IDG object| googletag string| positionDataTag object| adUnitIdsMap function| getSrcCookie function| isElementAboveTheFold function| isElementInViewport function| isVisible function| isTabVisible function| buildPositionData function| refreshCountdown number| refreshInterval undefined| testRefreshInterval object| adLayer boolean| global_ShowSuper boolean| global_ShowHero string| url string| fn_pageskin object| Logon object| $thm function| loadGPT boolean| requestAdsCalled function| requestAds function| iasDataHandler object| __iasPET number| IASPET_TIMEOUT number| __iasPETTimeoutRequestAds object| _sf_async_config boolean| canRunAds string| oneRegPlacementID boolean| supMontMods undefined| segs object| ntvConfig string| prodNames string| prodManufacturers string| prodCategories string| prodVendors string| idg_uuid string| edition string| dlJobFunction object| dlJobPosition object| dlIndustry string| adBlockStatus function| bindPerformanceMarks function| numberFromDataLayer function| stringFromDataLayer undefined| userData undefined| hermesAttrs undefined| userKeys object| permutive function| moment function| isValidEmailAddress function| encodeQueryData boolean| supLocaleEd object| LazyLoader object| xrayAd function| exeImuMobile function| exeImuDesktop function| debounce boolean| supportsOrientationChange string| orientationEvent boolean| suppressEd string| obEdition string| widgetId object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| renderTSO function| selectTSOAds function| parallaxLb function| parallaxLbHandler function| DP_jQuery_1587679444270 function| getQsVal function| getTrackingToken function| socialTrack function| linkedInTrack function| initZooms function| initAccordion number| localeId boolean| g_bRequireHttps string| subscribersSiteId object| DOMObjects object| subscribersApp object| acceptedDomains string| cleanedHost object| a object| f string| timeDate object| google_tag_manager function| postscribe object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| recaptcha function| onYouTubeIframeAPIReady string| firstSessionDate string| lastSessionDate string| currentSessionDate number| sessionNumber undefined| inSession number| daysSinceLastSession object| currentTime number| longExpiry undefined| lastSessionMS string| GoogleAnalyticsObject function| ga object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| google_tag_data object| gaplugins number| google_srt undefined| google_measure_js_timing object| headertag string| slot object| SC object| gaGlobal object| gaData object| twttr function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| generateSubtag function| twq object| AWIN object| Criteo function| headertag_render object| pbjs object| rubicontag object| criteo_pubtag object| vmConsentCookieFinder object| script object| child object| _tlImpressionBusLoader object| VM object| tl_jsonp function| _typeof string| VIDGET_VERSION function| OB_VidgetServiceCallBack number| vidgetServiceInstance function| OB_VidgetServiceCallBack0 object| OB_VIDGET function| OB_VidgetAuditCallback object| vdz number| _tlTagsPending function| webpackJsonpbl7qyxgd3mzp function| setImmediate function| clearImmediate object| vidazoo object| Vidiazoo boolean| CLOSURE_NO_DEPS object| SpotX object| DigiTrust function| avPlayer object| storageAni object| teadsscript object| teads object| teadsObj0

0 Cookies

6 Console Messages

Source Level URL
Text
console-api error URL: https://cdn.permutive.com/f5b3be27-f789-4ef1-8867-37c67da5b361-web.js(Line 1)
Message:
Error while initialising permutive. localStorage not supported
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js(Line 6)
Message:
Exception in queued GPT command TypeError: Cannot read property 'getItem' of null
console-api log URL: https://ccpa.sp-prod.net/ccpa.js(Line 1)
Message:
CCPA script successfully executed.
console-api log URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=88677(Line 78)
Message:
VM: ReloadGo - Consent cookie not found
console-api log URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=93398(Line 78)
Message:
VM: ReloadGo - Consent cookie not found
console-api warning URL: https://static.vidazoo.com/basev/1.0.367/prebid/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ads.adaptv.advertising.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.nl
aka.spotxcdn.com
alt.idgesg.net
ampcid.google.com
ampcid.google.de
api.rlcdn.com
api.skimlinks.mgr.consensu.org
as-sec.casalemedia.com
bis.vidazoo.com
ccpa-service.sp-prod.net
ccpa.sp-prod.net
cdn.adsafeprotected.com
cdn.connatix.com
cdn.digitru.st
cdn.permutive.com
cdn.subscribers.com
cdns.connatix.com
ck.connatix.com
cmp.pcworld.com
core.connatix.com
csmb.staticworld.net
d2zv5rkii46miq.cloudfront.net
eb2.3lift.com
eventlog.outbrain.com
hbopenbid.pubmatic.com
i.connatix.com
ib.3lift.com
idge.staticworld.net
images.idgesg.net
images.intellitxt.com
images.outbrainimg.com
imasdk.googleapis.com
inventory.vidazoo.com
jadserve.postrelease.com
js-sec.indexww.com
js.spotx.tv
k.intellitxt.com
libs.outbrain.com
log.outbrainimg.com
match.adsrvr.org
mcdp-chidc2.outbrain.com
mv.outbrain.com
observe.aniview.com
odb.outbrain.com
outbrain-d.openx.net
p.skimresources.com
p.typekit.net
pagead2.googlesyndication.com
platform.twitter.com
player.aniview.com
q017o-ootbn.ads.tremorhub.com
q017o-wfv89.ads.tremorhub.com
r.skimresources.com
s.ntv.io
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
server4.vidazoo.com
sourcepoint.mgr.consensu.org
static.ads-twitter.com
static.criteo.net
static.vidazoo.com
sync.search.spotxchange.com
sync.teads.tv
t.skimresources.com
t.teads.tv
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
track1.aniview.com
trk.connatix.com
u.openx.net
uploads-ssl.webflow.com
use.typekit.net
v.connatix.com
videoclientsservicescalls.outbrain.com
w.soundcloud.com
widgets.outbrain.com
www.dwin2.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pcworld.com
ads.adaptv.advertising.com
api.rlcdn.com
cdn.adsafeprotected.com
104.19.150.54
13.225.73.125
13.225.73.2
13.225.73.32
13.225.73.44
13.225.73.59
151.101.114.165
151.101.114.2
151.101.12.157
151.101.14.110
151.101.14.2
151.101.14.217
151.139.128.11
159.180.84.2
172.217.21.194
18.194.103.60
185.64.189.112
185.94.180.124
185.94.180.126
185.94.180.128
23.210.248.12
23.213.164.117
23.213.164.238
23.213.165.125
23.213.165.149
23.213.165.44
23.213.169.115
23.213.170.21
23.5.97.37
2600:1f18:612b:4216:42a:a8ed:cc8a:b5e1
2600:1f18:612b:4216:5ba:f6db:f8d:c3e0
2600:9000:20eb:3600:17:5578:e080:21
2600:9000:21f3:6800:2:d151:aac0:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:809::2004
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2002
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2002
2a02:2638:1::3
2a02:26f0:3100:3a5::2c79
3.125.56.182
34.201.75.104
34.234.137.236
34.95.120.147
35.190.40.172
35.190.59.101
35.190.91.160
35.201.67.47
52.201.97.1
52.204.232.56
52.57.10.175
52.58.47.46
52.6.68.76
54.225.177.131
54.229.6.20
54.81.183.211
54.85.243.28
54.86.154.26
64.202.112.95
64.74.236.95
69.16.175.10
70.42.32.95
93.184.220.66
95.100.67.47
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
017a34f74ce0ffbfba504c7af87b054d8afc3b432170a7c6d9da45b5660d1118
017ecacd47438f10cfbc12a9388ad99c2889257df82924f07ab8d90ed3d3b3aa
02b017b9b37161fe4442f83ec94c59c34fa3a0108a8ebfee7871c3a7bc458674
02d2940a00290f3a9e4955de7821626688c0cacde8c97c762838e6b40ab22926
03643efcf63e8fbfe6571cd0f1a4ce49f8575a7bee74f2e9fd7fab344e474e48
03ee156150f3b71f89526f9bfab307348c02c551d136a8347c2121cb631d8384
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07ea0e434a4610a7aca32dadfb0a72e23f229650eb422074f2999cf46b8cacb6
092d361acdcbe0f2889fd1735e219a19b0452670d41046c68d93bf8c754f55b3
0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0
0be4e687e8b026eca636a2e41e9c11fdefcec1e1696d2f3553c0bad72bd6ed5d
0d3e39f8fc8dd7dbd323f99696f9e553dc774af283e7ba37d4684eee6d6f0809
0dd04ee5d897a00eb69286a8c9cf09aab8fe27343108ac530d61e0a0821f268d
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49
12f049028f53201e403ee1f8d8f57a243f752a68d22f5f09f026c6ed373c2447
16b202847dca025983e3ad10c7281b3079b4ce12217fe3a67f6468582653fba6
17b7beee00ab0ed90dbb8dfce5c741a3beb67a0b66591a34e191ed0b7999a08f
1b197985c0bef8bc365381bd16e15dccf184eb33d0abf0afdb4f567da2000fb2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d3c27508b822c29325cf36b9652384f7719a580df35733a9d146f45289c95dc
1dc3b33190a6b7e747940c7f383e80038cd4bea05b1e8e0e6b4258bcf94ed5cd
1e8e9b90a66e1741a5300ee65d6fab837aab5c3f0a32a523d85002ae53154c9c
1ebab26fbcab1b6f5b6e4b14917fe4f7985f71089a7b46daf57a2e23d3522884
202190afcb483c57aaf053be5b197ce0a0b9543c468037154dd4fade151f13c7
21b3d2dc8e0d9e70821e7647ace3fb0a50fd046fb92d48873c5dbab4a30e6826
2270d902c0076b7e4cb64998828f77298b5dad9b2eba1505cff01d4902c33a26
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24f76ac1062a5170b20c81f6c57804077b4efb4466e58f8b0a679d3e22a6bc36
2511ba7489f690890a23399b428011b1691b79278dddf2c53f9221cc19606e72
2615f7baf05472622e67a05639e9980aa79f9bcb3466b03040602856842ef7d2
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
27fde44068bd4c5d0c82b71f10cc792d7f532e1bcfc6e3aab812670c86abc8d3
289892281b48ca17404d864d2dbb41a4ee40eb6743ca429371b90ba5c357597a
2ab172d1a6dab39d0b8efd61404468129ea0c23eaee414669b69276064dd3c11
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cee233aacdc8334419da29513183ca776a588e8b533b19bc7f7430ca704e526
2e9b6db91ede2a0ffae7dcaeb2bd77945a104a95e32a44cc80caee919fe1cd20
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c78154ac348b702e1cde8e5d432668b6afa3f93f639aa15856a05d527f3458
352a6ff912307bde526ad72be4d0df4f331352cbae0fb9cf842e99cf72a88895
373e1b5b20dc644f44a4c3184d392d9e7eb64845c3e9f3433a31ff6424675253
382bfda3859c621547c8d56bd7eebe93afc88df5fd876d356ac090bb95543123
39ad44c226bb05409a2d07bce0632db9df7d808becd6bba7a438b5a6dc0d6c62
3bfcc7926b83be5bf9f1961c6f993558dc5abe2e7e3730bacda178b45eeb3b2a
3d8759af37bfd3ec562b123ddd2d1e04d063eaf8d9cf18f6ee395ee1beaa59c5
3f006dec88c65732acad8ea71a9bcc6be450a360567eccc8174da37df54c6038
3f6aa3b9a86115f8ce87c94ef4a28d3b3a535701a4d32571a121a37125ebd75a
4209a1f523177a9246c17338e9fc7a648e8d44f59b256df832aa5b17cef7ebf0
420b0da3f4e41827174f892bfe3c46a2b9bec8675f53549b1b556d06032e567e
42280bb8f1c1e9bdcde431402ff2fc3dd2494b0f5ba7b118cb4709d62a398f9e
44ecdeeb04d9cb6de9d76ebc9f8ab716a7f6b2f08a01f179a462e008debfcb07
464e7cde418a559c5035942d1ab154d5d906f378f256a0dd39848d197df6180d
47c749c888c850505d68f2745651928d8aec9a6802d6a8b20869fa114af92277
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
4e160895472e0f3fe95c9910034eb6a67fc96c6ce3b612a92232e4194b425074
4e67d8c11d78864f56c57e41f8d64bdf0238b881625f19022132fa2d35a1ef81
4e6b5fc328bac95eec2e30afa8a58224c9accc6d70daf0e864d75c4c6d07fe94
4e84d85a31c26a182e31a0e7e97f1393690c5b5756a00201ca7752a253c79998
4f4ed0e81c2f0016d06ae816dd872edc04e97612c9d36f2f3f4475f2954e7fcc
5037cd418ca2bff00f8215d2104c389074f932b1474e9925c916c57bc4b75a6e
5156e9286b87b1e03f6151c2bb29ad54d2b9da4df874a23c742a0693bdc209a1
522e2ab4cfe5b160a1c90ee0d581f0d26abaad30a17e1f2bdc79255052838000
529406b62faebc10b88ac3556e600efa3318b85aba083bdc453c5521907b73e0
52a65f202bea1f6a3a6160fc21534d0fd0141c262c7d0b100f96e8d0f976de0b
537d7a2ee55484fcb24cea45dd4593d1f478d83545b0399616af969a69c88c41
538d417f7a723df17237e4a83e532b7f86d4411282693983f614f20085f0e0c5
55e8d16bb1a291b0524928dd3bd20c191a14d8a947e4b141271f9c595c7bb451
564e924253c465a9722ebbad7fc25124530009d191a17ea1c224d3dba7268add
56e2edc9a64a6a3c7fd672c1da3d910e0c8fdf69212995fe2d089f12c83308ff
57480da8fbbef6d6e46905c6c0c202e10982cbfaae2ed6a6cc9304abf0369676
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b515ef46ed7043e31bcc5bbfdee7ad82c3e3e794b5c01ee8810f850a9649665
5e91451bafe3d79b6875643fec5b6b198b4e4b9a0e38fe8ea02dd8e0f3b51cf8
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
64a13fb927e2ef03f3a59a79d0588d7514c4fbfb85f9237abb59dc04e7a49707
64bc55b4e0096204079dc0cd710f9b80918345c1c54bcbd4c5454815b057a3bb
6565044c8634f7a7dd28ba108f8e1ef8d344f2b23332d11b55965634ec23df69
65c03f8269632a64df15ef9887406807bddee1b3f06deff1dbb3777e0027b2cd
667debbaedd83bca646fd0699c0c124d837823404ed930ab4e6eb457dcb41cc7
676aa6d4090a54ea6893484095f55c80659fb8538db100cdb8ce1dc82bab42b8
67e0217460f25705f93a545a0cd44f94f337eee107f0308408b1978afcae1ab6
68a82d058ee6e3dd8bf0d0fa0f7cdfc5644cae006bb1e50809ef6de5e3e388be
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6bca657f0f40273c51e479f6d8b775b466c5c7f7db8a35ff3deef165dbbacabf
6ca3d81747291dea42fd556588fd0c18003ffaf042bce2fe9f4683f91164f201
6d670e22647964b1b3663c0b34b6531a12a6f7d36dc232570af7d84b9458df0b
6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5
6d9ca1438657fd03d5f135e97a2c0d41b6d4be97d294b83d2ec3c2b5d0f2eb14
6f1e5a59314dbb7c2c0dc22b03f7f2bae75ea8f2c918e0e147388ce6c95881fb
6f41e585383435a3d37287aca75d4351a53209f5724685b6f167a34458d2d1ac
78d83d68ccf7a24aca085486bfc291760424279b6f5308092af4fe600b9d1e19
7cffadca178c2346f349b255fe288be601a4890e3bde39f23a60d1f33c5386fe
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
80eb7ac3e4dc7d02da1c15eb79982371eaaeb693b6487d2f8da7333b5f8d8a8f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d86c9e7359ed844c0e7682abcd5cdb65222d421c61156f17791ac6c2650274
85277adb60d0772c6a0f026ad88974c96cad412f065585082a02b41dbc956eec
87984f28651235e9881bd0e87607da59e5ad53f28e59b63cda6e36862992239b
87bffeae13a5cc3b427d1b837fe42ce466905791de34c137c92a3d71d848a99f
8b2dce279cfc64e43142d5095ac0708575c37fe6ee6e733c03c30512c74bd94d
8c28f89ce6de3bdbb63e6e18f11fd7fa811d498688fe29f932bb8ecbe6e87053
8d8685788fb9f068527bb37b61f70a685dc17e3f86475c35f8b6719e068db491
8e920612ce29a3290fc2edbaab7647470f21dda35cc1a350f9b8b362fc4d3ebe
8fb57c89ebde7c4eddfd9658c4d650a3ce4fd943bc8f12de6a54c8e92475cd2d
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94a12c39ffced5acc0455cf0932bb6f191bb52fa7bf929cecdc23238080a9df0
950701e4650043f514b6e59c2499415eea44888d8ccce9a96c08be8349e8a430
97b3d4f1091dae1786f87ae416382b953be6e3e493e7606de20317aa46441df6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
994275551d8a3b66aa3ec609f99d7cb2b7edaf393e125748c7f8ddf064ae115a
99b522b7529c433012cf38d770feaeb70851d71133384bd71ea3cdb27d51dade
9c170785d0d0709612d3f7ce4c0509a4466433819c02d7c95a91ac4c25dec2d3
9cc04c56dfa36de6a55397e43b6df5b30b1db863d59c2b1feee9f903559e63f9
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15f05f190041cbc96dd8ce19c1b343b6c53c2de0d746c3f9577b18944d4b200
a306acdabf2c261b44d36cbf95365978dec91dd520f5f4023cdf31791c484ea3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a512590ee9ceb343f229b06fe7da21f67cc701bdf8790b3e4d03f26f24794f7a
a60f9814c02a803c2a17e4599b9bc28e0387b367b90e009e3b53ccb60242cc31
a8df0678076b92038596e4a3b1c8a9d230275e4dbe72ae9ccd4ed99eed08ade0
a926c1788a4fc0c0473078d3179ff2bb119664f174ced220d1acf2ab3efcfdf9
ab2ef76dffeae79cf8924b6e69368c855af10f35510888e098143971b3a62ed1
ab54e63098ff1a191073bf312d7fc5cf09ff09f96d5c9b2b9372cb9dfbd632f1
abf6a1c57f968570bebfe1913e419589d42f899b40799bc5d8509b773c89d569
ad20d2d42fcbd58ad9c50a6e53db21bf4425be6f8237a41f109c2717c30b4067
aef82825aeae31cac3837ddc620f97cfd5458f9ebaa70dfa71b3a07ab1050474
b0b6be374533c011d0cae2655a8005807135d05f30887e70b71a51c23dbfc11a
b339d3774d92545b684128f1464ea94756e297ab3a8a579ae4fc39fbeea9d903
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
b402bc64327a0461e1a09527c7f0401d29d808278d9fc65554628a2830956203
b42412a0e2fd452601f89dc9119e8dc4c563d204e6a54ba2f91e7c046f9de3a4
b52e06f854795718703ef9723b47a9a23edcbe2ae53ff261926d8d6059056cfe
b57be03e4acc549fb6df3904fee027141b6964ea20e021bce329483a79492f0d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b65dde4c9354b696887b7ec8d52c2a723491c0327a34d4b6c922e15619dbcca2
b7350ce75a64d101a238f064385519d7133625f81f1c9efaf38381c6675695ee
b91ab9dfda75da71ef2d179b7f3e2898803f9dacbc913675c762e10128d4d979
b9a7da85e66b39ae1fc22786b9d3663f8b0b36cbd69882779ea385981ebfe43f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1ee6100bce11eef9cc1f7dc9cdcae914fa7c5c125f0becff2c6f84bf594414
bdb83acfc2d3c9edfed8ae0c0b362107e99c91da1bf090c6beef0beb2a88cc5e
c27b11a4844614f6d6e987fa8f18ff24e12f59abe2972869509f57f92bdac135
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c71b723f8b3ffd2865e43fd72f9cf7cb9665b6aedca5dc88c8d328814be023da
c7cf115e67746c51d82a59d06f144ae845dcc4cd9419dd6252465ad8d66529c1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21
ca1ee60603dcacd0f1bbb6b6c77db0b8fb5971a6f9ed213a7a81afa5e4827a0a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd8eb12655a8ddceb0cf2d593f6bb77a9b7fc22f3c96dce4ed400046564cdf2e
cd97b51977edf7d5651d3fd14e85d8be5a6417323a5fd3de658f42df2d0a6106
cdf2700459ab474c9e19ccf7a3b9c6044a6cf2f2ff7bb0e1ab7bde2304409c87
cf1871ccc00f388b54e10f740aef8ea3b64923b8cfc18eef9335c7a3db386ab4
d2aae940b6d023c99cbd656bbd0868f51bcf4a93455efef42cc95d8a4c7bceca
d4975634c46a5d77bdf46a8ed69680cdf60eb1b4400e20eb68c3f8388ab9b5bd
d51ba5b4b5e08defa88aeaa0824939747d0bd89b746fb57c4cf6f1cfb72311dd
d67513f0b036a0c8afc20ce34ac8fac82f40f9a6d196ba24b69a2ae70b0f051d
dc272f580cca5b696c2f47222e52f0423140e05140f88c213cb1e51972a5c9fb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de71752b9da39752192f15c8153ca0c81a2f327c4afc65161709731eda8571c3
df0894bd40dae58dae94ead8d27bd0da42b346bdb000030142a620089f43f52f
df19d8c2376b5e16d9ffcc02c844b361823b8ac98e74b4edc056275f81c7df21
e100e3cfe5199ae8b8daff8362685fd1ac424b7f4325f57200a0fbc2eecec6ee
e26208c75ab34c86b46d8ba7aeb66dc26274538ef1a978f97001a537e18d76a8
e2d685ea9d70a27737acb497a3411485a89eb2cde0a9d0b1139e0ce8f7b9dbd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c11f5bef24752ad5aa0310faef966c431a027a40ceb703dfcad04ca208afd0
e54f6a66c7e17b593d4bb6ec76157a4b1aa638cb4b25411dcd336dbe69a4f72f
e5574325672fa8c35bad6d935af2c906a120a2a177ad835302c76c72d063e969
e63dbe7776187b4a0bc6e40fb13a30a881848b5aab64edd3a597e87188a0ad60
e69e091f9f1171b2379dd92aeff8a226352b27e7a76ff1e8db7056770f30a531
e90fb2e3df0d3c57d21793164d01be1e0064baddec3e62708925e64fe40f756b
e97cc76a9f1fb6abe8679ef2111e55dd7b0cdd9981cdffcdc056b58edefe1d3a
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec76008643303d55f290bc235136d8c86e9c492ef6e17c291c538c9c6398f06f
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
f0b97fc49950832323730d508911fa12bd098eca0670ccb3a18ada5af3a34699
f268d5ee7df294c975d8e6825c32be94978c451dfb3ae01b05bf132e65e9c93f
f274e373901cfedb5598343e280e971b80b7a6b7cf5ce64da2647fa08b46c870
f48770a2af9e2c710b87c44950c0a19a900d7f57690265886c9d25639558f055
f54c116d5b5cb7af0fd2221ed7fa0d09f80e4bfdcda62c3f56cea772b730e648
f60ea4210a46c318e3bb9c01e607f2a4a1910f4e45795e6fdd5ddf996ecfa559
f61b1ba3700b1804ae3b1f49123246d483907ed481dacda12aa40baa6a419e72
f6bbd3540733be952a2921b2e4716d3b5190d5897510efcf9baa09649a1eaedf
fb35f8c9675722c4d1f3f0b65e6c324723e0f4e9c1d8d6b4f825f9c1d15b59a3
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ff8e9374671e5df3a2becd4a19478191344a1a8edfb1bd56c2d2973da2d1a54b