www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bd37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/uqY78Nqx6F
Effective URL:
https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Submission: On April 18 via api (April 18th 2022, 5:57:37 pm UTC) from US — Scanned from DE

Summary HTTP 93 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 39 domains to perform 93 HTTP transactions. The main IP is 2606:4700::6812:bd37, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.windowscentral.com. The Cisco Umbrella rank of the primary domain is 59551.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2021. Valid for: a year.

This is the only time www.windowscentral.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
16	2606:4700::68... 2606:4700::6812:bd37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e053	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:451	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::ac43:4acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	2600:9000:225... 2600:9000:225a:c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.215.1.116 52.215.1.116	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.101.50 143.204.101.50	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.130.114 151.101.130.114	54113 (FASTLY) (FASTLY)
1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	13.225.80.85 13.225.80.85	16509 (AMAZON-02) (AMAZON-02)
2	18.66.2.26 18.66.2.26	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	52.50.139.7 52.50.139.7	16509 (AMAZON-02) (AMAZON-02)
1	18.64.87.36 18.64.87.36	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:249... 2600:9000:2491:3600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:238... 2600:9000:238d:4e00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2 6	99.86.7.79 99.86.7.79	16509 (AMAZON-02) (AMAZON-02)
2	63.32.132.64 63.32.132.64	16509 (AMAZON-02) (AMAZON-02)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
5	108.128.98.123 108.128.98.123	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225f:3400:d:5ce3:a4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.121.92.52 3.121.92.52	16509 (AMAZON-02) (AMAZON-02)
2 2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.57 185.86.139.57	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.211.144.1 35.211.144.1	15169 (GOOGLE) (GOOGLE)
1	51.195.5.234 51.195.5.234	16276 (OVH) (OVH)
1 2	54.220.157.118 54.220.157.118	16509 (AMAZON-02) (AMAZON-02)
93	45

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:bd37 (United States)

ASN13335 (CLOUDFLARENET, US)

www.windowscentral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4acf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

futureplc-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225a:c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.1.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-1-116.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-50.fra50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.114 (United States)

ASN54113 (FASTLY, US)

search-api.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-85.fra2.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.2.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-26.txl50.r.cloudfront.net

uk-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.139.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-139-7.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.87.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-87-36.txl50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2491:3600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238d:4e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.7.79 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-79.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.132.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-132-64.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.128.98.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:3400:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.57 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.144.1 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 1.144.211.35.bc.googleusercontent.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.157.118 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-157-118.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	windowscentral.com www.windowscentral.com — Cisco Umbrella Rank: 59551	390 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2167 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5832 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10095	177 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137	5 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 10837 s.cpx.to — Cisco Umbrella Rank: 2228	7 KB
6	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	20 KB
5	futurecdn.net freyr.futurecdn.net — Cisco Umbrella Rank: 14122 bordeaux.futurecdn.net — Cisco Umbrella Rank: 15504 search-api.fie.futurecdn.net — Cisco Umbrella Rank: 14626	235 KB
4	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 903	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	1 KB
3	dotmetrics.net uk-script.dotmetrics.net — Cisco Umbrella Rank: 5497 rm-script.dotmetrics.net — Cisco Umbrella Rank: 7753	5 KB
3	gumgum.com js.gumgum.com — Cisco Umbrella Rank: 4540 g2.gumgum.com — Cisco Umbrella Rank: 1506	39 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1059 c2.taboola.com — Cisco Umbrella Rank: 7825	189 KB
3	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1523 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	12 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 510	79 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 438	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1463	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	898 B
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 898	631 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1307	1 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2749 p1.parsely.com — Cisco Umbrella Rank: 2214	18 KB
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 3657	33 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 975	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	83 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1133 api.btloader.com — Cisco Umbrella Rank: 1274	7 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	621 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 699	1009 B
1	bidswitch.net pool.grid-data.bidswitch.net — Cisco Umbrella Rank: 10682	244 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 675	214 B
1	futurehybrid.tech sommelier.futurehybrid.tech — Cisco Umbrella Rank: 16170	1 KB
1	servebom.com ads.servebom.com — Cisco Umbrella Rank: 12906	360 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 77	549 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 7579	792 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 897	2 KB
1	ml314.com ml314.com — Cisco Umbrella Rank: 1582	32 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	33 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	videoplayerhub.com 1 redirects futureplc-com.videoplayerhub.com — Cisco Umbrella Rank: 18253	532 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1209	5 KB
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 14444	241 KB
1	t.co t.co — Cisco Umbrella Rank: 476	558 B
93	39

	Domain	Requested by
16	www.windowscentral.com	t.co www.windowscentral.com
6	sb.scorecardresearch.com	2 redirects widget.perfectmarket.com www.windowscentral.com
5	s.cpx.to	p.cpx.to www.windowscentral.com
5	quantcast.mgr.consensu.org	www.windowscentral.com quantcast.mgr.consensu.org
4	rules.quantcount.com	secure.quantserve.com
3	www.google-analytics.com	www.windowscentral.com
3	search-api.fie.futurecdn.net	www.windowscentral.com search-api.fie.futurecdn.net
3	use.typekit.net	www.windowscentral.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	secure.adnxs.com	2 redirects
2	sync.smartadserver.com	1 redirects www.windowscentral.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	g2.gumgum.com	js.gumgum.com
2	stats.g.doubleclick.net	www.windowscentral.com
2	ad-delivery.net	www.windowscentral.com
2	uk-script.dotmetrics.net	www.windowscentral.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	secure.quantserve.com	www.windowscentral.com t.co
2	connect.facebook.net	www.windowscentral.com connect.facebook.net
2	cdn.taboola.com	www.windowscentral.com cdn.taboola.com
2	securepubads.g.doubleclick.net	www.windowscentral.com securepubads.g.doubleclick.net
2	www.facebook.com	www.windowscentral.com
1	id5-sync.com	www.windowscentral.com
1	pool.grid-data.bidswitch.net	www.windowscentral.com
1	token.rubiconproject.com	www.windowscentral.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	rm-script.dotmetrics.net	www.windowscentral.com
1	api.btloader.com	futureplc-com.videoplayerhub.com
1	p1.parsely.com	www.windowscentral.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	ads.servebom.com	bordeaux.futurecdn.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	js.gumgum.com	www.windowscentral.com
1	unpkg.com	t.co
1	ml314.com	www.windowscentral.com
1	www.googletagmanager.com	www.windowscentral.com
1	d1z2jf7jlzjs58.cloudfront.net	www.windowscentral.com
1	p.cpx.to	www.windowscentral.com
1	c2.taboola.com	www.windowscentral.com
1	btloader.com	www.windowscentral.com
1	futureplc-com.videoplayerhub.com	1 redirects
1	tags.crwdcntrl.net	www.windowscentral.com
1	a.teads.tv	www.windowscentral.com
1	bordeaux.futurecdn.net	www.windowscentral.com
1	freyr.futurecdn.net	www.windowscentral.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.windowscentral.com
1	t.co
93	52

This site contains links to these domains. Also see Links.

Domain
forums.windowscentral.com
www.thrifter.com
www.androidcentral.com
www.futureplc.com
www.bleepingcomputer.com
www.mobilenations.com
admin.androidcentral.com
admin.imore.com
thrifter.com
www.technobuffalo.com
youtube.com
passport.mobilenations.com
www.twitter.com
www.facebook.com
www.youtube.com
instagram.com
yourfuturejob.futureplc.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
windowscentral.com Cloudflare Inc ECC CA-3	`2021-06-05` - `2022-06-04`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
freyr.futurecdn.net R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
bordeaux.futurecdn.net R3	`2022-03-11` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-26` - `2022-04-26`	3 months	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2022-03-25` - `2023-04-23`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
hawk.techradar.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.ml314.com GoGetSSL RSA DV CA	`2022-03-29` - `2023-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
*.dotmetrics.net Amazon	`2021-10-24` - `2022-11-21`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
ads.servebom.com R3	`2022-03-13` - `2022-06-11`	3 months	crt.sh
sommelier.futurehybrid.tech R3	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-02-23` - `2022-05-24`	3 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-25` - `2023-03-07`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Frame ID: F6CECDF19D5E04220A572CCCDC0B626A
Requests: 90 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 5BE0ADFE55D03FE9F073920F7FB3BC33
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: 4FCEB657AACACD3EA3AB69C12E69B2B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft says Windows under attack from Chinese threat actors using stealth malware | Windows Central

Page URL History Show full URLs

https://t.co/uqY78Nqx6F Page URL
https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

93
Requests

90 %
HTTPS

39 %
IPv6

39
Domains

52
Subdomains

45
IPs

6
Countries

1643 kB
Transfer

6248 kB
Size

41
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://forums.windowscentral.com/?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.thrifter.com//?utm_source=wc&utm_medium=navbar&utm_campaign=navigation
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.androidcentral.com/best-vpn?utm_source=wp&utm_medium=topicblock&utm_campaign=navigation
Title: Best VPN

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/microsoft-new-malware-uses-windows-bug-to-hide-scheduled-tasks/
Title: BleepingComputer

Search URL Search Domain Scan URL

URL: https://forums.windowscentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Forums

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/licensing-reprints/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing and Reprints

Search URL Search Domain Scan URL

URL: https://www.mobilenations.com/advertise?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://admin.androidcentral.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Android Central

Search URL Search Domain Scan URL

URL: https://admin.imore.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: iMore

Search URL Search Domain Scan URL

URL: https://thrifter.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Thrifter

Search URL Search Domain Scan URL

URL: https://www.technobuffalo.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: TechnoBuffalo

Search URL Search Domain Scan URL

URL: http://youtube.com/c/themrmobile?utm_source=wp&utm_medium=drawer&utm_campaign=navigation&sub_confirmation=1
Title: MrMobile

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?u=eNpVT8tuwzAM-xff3bwTxD0O2AdsuweKrDZGHDuwVXjDsH-fk_WyG0WRXCIFalDfUVW1EoG0CYQ8PYIV18xVpRIL8x5VUaSULsk47VNEchzAXtBvxWYw-OhvLCN8RflUyIfTFCQwA64SF-MokuQlELAEZB-yJBp3l5EJLC9yA5sg0Bnb_68ybbo7-CZX1BrGstHDjDgD9DdqEcsZW41DM-r59LdKRMNcJ8yOtB8gn8yxxrtj6JSw_m5OfLz48v72On34lTIzq_LJ0uduAvx5TC7VlU3d112V16MSO4VcXNm49bBU159fXCK-bVc,
Title: Log in

Search URL Search Domain Scan URL

URL: https://passport.mobilenations.com/?utm_source=wp&utm_medium=signup&utm_campaign=passport&u=eNpVT8tuwzAM-5fc3byT1T0W2AdsuweKrDZGEjuQVXjDsH-fk_WyG0WRXCIFutffQZeVzpiMZUIZHrxkl8SVhc4mkS3oPI8xnqJ1xseA5IRhOaFf89VcIvvgb6ICfAX1VKiHM8QKRFwwZ4WTdRRIycQEolwwxXOSBOvuKgjBXCKTWmGJwHTEdv-rDKtpd75OFY2Bc1GbfkQcAbobNYjFiI3Bvj6b8fA3OgtWDpgccdtBOplirXf78LLfv9sUzUde-vL6_vY6fPiZkmDUxZOlz80y_Nls6tUWddVVbZnWZ51txKm1dfNuKS8_v41obqY%2C
Title: Sign up

Search URL Search Domain Scan URL

URL: http://www.twitter.com/windowscentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: t

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: f

Search URL Search Domain Scan URL

URL: https://www.youtube.com/wmexperts?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: p

Search URL Search Domain Scan URL

URL: http://instagram.com/WindowsCentral?utm_source=wc&utm_medium=burger&utm_campaign=navigation
Title: i

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=drawer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: © Future US, Inc.

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/terms-conditions/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/privacy-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/cookies-policy?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://yourfuturejob.futureplc.com/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/endorsement-licensing/?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/accessibility-statement?utm_source=wp&utm_medium=footer&utm_campaign=navigation
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: https://www.futureplc.com/services/advertising/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/uqY78Nqx6F Page URL
https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://futureplc-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=futureplc-com&upapi=true

Request Chain 78

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650304652560 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650304652560

Request Chain 79

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B196D5AD-F18E-4F8C-8BA3-945CF0E41540&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_gid=CAESEC09SWs9AiPzwEPxzGjqcfI&google_cver=1

Request Chain 82

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=63d3771c-222e-4fd3-97bb-8dc4e2b48710&dsp=TTD

Request Chain 83

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0&cklb=1

Request Chain 84

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12542%26ref%3Dhttps%253A%252F%252Ft.co%252F%26url%3Dhttps%253A%252F%252Fwww.windowscentral.com%252Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware%26hn_ver%3D40%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12542%2526ref%253Dhttps%25253A%25252F%25252Ft.co%25252F%2526url%253Dhttps%25253A%25252F%25252Fwww.windowscentral.com%25252Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware%2526hn_ver%253D40%2526fid%253D3f853ca5-c093-4ff8-8455-efdca2ef7868 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=3034105167916977054&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&hn_ver=40&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

Request Chain 89

https://bcp.crwdcntrl.net/5/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

Request Chain 90

https://sb.scorecardresearch.com/cs/10055482/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 uqY78Nqx6F
t.co/ 485 B
558 B 144ms
128ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/uqY78Nqx6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 227
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 17:57:29 GMT
expires: Mon, 18 Apr 2022 18:02:30 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 4732012649f630c635070df36398fbbd54137068ce97ae21f0090844c227eeb3
x-response-time: 121
x-xss-protection: 0

GET
H2 200 Primary Request microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware Show response
www.windowscentral.com/ 142 KB
32 KB 1144ms
1106ms Document
text/html 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Requested by

Host: t.co
URL: https://t.co/uqY78Nqx6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb75d5045112e96f213b110ad294dc8ff2b1607445c02e3cfbfd35fed8bfff3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=21600
cf-cache-status: MISS
cf-ray: 6fdf48835967cc4e-ZRH
content-encoding: gzip
content-language: en
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 17:57:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 18 Apr 2022 18:02:31 GMT
last-modified: Mon, 18 Apr 2022 17:57:31 GMT
link: <https://www.windowscentral.com/sites/wpcentral.com/files/styles/large/public/field/image/2022/01/microsoft-logo-2022.jpg>; rel="image_src",<https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware>; rel="canonical",<https://www.windowscentral.com/node/91631>; rel="shortlink"
mn-server-ip: 73
permissions-policy: interest-cohort=()
server: cloudflare
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 microsoft-logo-2022.jpg
www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brw/public/field/image/2022/01/ 169 KB
170 KB 965ms
964ms Image
image/jpeg 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/styles/large_wm_brw/public/field/image/2022/01/microsoft-logo-2022.jpg
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc82d3fd2e62e9152b6dc727bc336fcba6f894cf835c6d6938e26c83ec4f7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jan 2022 16:58:15 GMT
server: cloudflare
etag: "61f420a7-2a5c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488a5938cc4e-ZRH
content-length: 173513
expires: Thu, 19 May 2022 17:57:32 GMT

GET
H2 200 l
use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/ 26 KB
26 KB 93ms
14ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6d4bb2/00000000000000003b9acafc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
server: nginx
etag: "7d4a321fb4284bed9856c33aee6c065aba0855a7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26392

GET
H2 200 fa-solid-900.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 8 KB
8 KB 32ms
30ms Font
application/octet-stream 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-solid-900.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c

Request headers

Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1685712
etag: "62349f1c-1ff4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488a5939cc4e-ZRH
content-length: 8180
expires: Sat, 30 Apr 2022 05:42:19 GMT

GET
H2 200 mona-icons.ttf
www.windowscentral.com/sites/all/fonts/ 2 KB
2 KB 33ms
32ms Font
application/octet-stream 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/mona-icons.ttf
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c

Request headers

Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:25 GMT
server: cloudflare
age: 1623092
etag: "62349f01-70c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488a593acc4e-ZRH
content-length: 1804
expires: Sat, 30 Apr 2022 23:05:58 GMT

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 867 KB
241 KB 93ms
38ms Script
application/javascript 2606:4700::6812:451
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d30c76f6c4f12662e2a140e5900c3f0a68776ed72f22d3fd626d6b9b7218d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 2778
x-guploader-uploadid: ADPycdtuXW85I6ILYTJM33ohqXQilnpTAgIbhEyetcsK2knmP7iqGwazo2d5jaoUt58cdDAVTDQhEaOD7vrV7dgPYlJSeQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 14 Apr 2022 17:04:53 GMT
server: cloudflare
etag: W/"1454d9e9f2733e146d781cb6fff2d502"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=H+2eRA==, md5=FFTZ6fJzPhRteBy2//LVAg==
x-goog-generation: 1649955893417392
cache-control: public, max-age=900
x-goog-stored-content-length: 252734
cf-ray: 6fdf488b2ab301f8-ZRH
expires: Mon, 18 Apr 2022 18:12:32 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 69 KB
17 KB 87ms
29ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

b25590ed0eb80f9d4324448b2f2be99e6b7c73affaaed9625d1643826fe218c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 09:43:15 GMT
server: nginx/1.19.0
etag: W/"6242d4b3-11540"
strict-transport-security: max-age=15724800; includeSubDomains
freyr-version: 4.0.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1678
accept-ranges: bytes
content-length: 17557
x-hw: 1650304652.cds067.lo4.hn,1650304652.cds228.lo4.c

GET
H2 200 js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__0q2wZs_Du6XgivdmkEtGm64iEdYt-B97Ol6Y6U5KYRA__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 194 KB
64 KB 35ms
34ms Script
application/x-javascript 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__n7HQ4TG1EEZYz2tjiNVR6cVScwcUWaE3qTK3TEDs0X4__0q2wZs_Du6XgivdmkEtGm64iEdYt-B97Ol6Y6U5KYRA__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47574b2437bb834db5f02f5c5e4952fe1a2b6313348dd6cfbcecfaa579f704d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Jan 2022 21:39:00 GMT
server: cloudflare
age: 764169
etag: W/"61d76174-3aba1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Tue, 10 May 2022 21:41:22 GMT
cache-control: max-age=2678400
cf-polished: origSize=240545
cf-ray: 6fdf488a593bcc4e-ZRH
cf-bgj: minify

GET
H2 200 js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 21 KB
6 KB 32ms
31ms Script
application/x-javascript 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__c0wIEn2kbwfSABNH37FFHYYM7mCF9kYLDVp5KdHQI30__Pr-ynne3WA3SaozEBe8Rs0OElNLarFAb10Yxr7wDwvw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 22:05:42 GMT
server: cloudflare
age: 1340489
etag: W/"601b1e36-739a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Wed, 04 May 2022 05:36:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=29594
cf-ray: 6fdf488a593ccc4e-ZRH
cf-bgj: minify

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 293 KB
79 KB 78ms
22ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

26b19b50b1459f5c81dafdb46a5b5ec3930f77c1ce9f49df144351ced50f1256

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 12:48:59 GMT
server: nginx/1.19.0
etag: W/"624eddbb-49310"
strict-transport-security: max-age=15724800; includeSubDomains
x-hw: 1650304652.cds085.lo4.hn,1650304652.cds240.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=501
accept-ranges: bytes
bordeaux-version: 4.20.1
content-length: 80387

GET
H2 200 tr
www.facebook.com/ 44 B
408 B 21ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=PageView&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 17:57:31 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
213 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1765793593738454&ev=ViewContent&noscript=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 17:57:31 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 18 KB
5 KB 218ms
28ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9379485b510d404dc953c886c69acc421789b085804b6148d2f30be9f8ff0880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: .c4q720Weuo_WjGTYzrLUxh_yQPz7y2N
content-encoding: br
last-modified: Mon, 04 Apr 2022 09:26:10 GMT
x-amz-request-id: 8140PM927P3N3EEP
etag: "640674f5ff78aa716cb34f0cbeaf2d44"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Mon, 18 Apr 2022 17:57:32 GMT
accept-ranges: bytes
content-length: 4724
x-amz-id-2: vR4mjXmkxNoUWRj+UKDAUsCA6MpkmKE8wSYol6U56GiqH01m4pJaB/sgo/sFB7h4RVAL42tGMYQ=

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/12464/ 38 KB
11 KB 32ms
6ms Script
application/json 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Apr 2022 08:45:09 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 04:01:36 GMT
server: AmazonS3
age: 33143
etag: W/"60ae9e169e0216122e9d8bf94f8906db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 72WprB_bzEZjiIWauAPbUHdjElH6mNGyaM5a5C4KLRbvSsrfuPNWmA==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://futureplc-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=futureplc-com&upapi=true

16 KB
6 KB

95ms
43ms

Script
application/javascript

2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=futureplc-com&upapi=true
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067edf7df83e78af3ad8bd0b56325be772f837a5f9cb1f3c2d8a0f3d29da7f11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray: 6fdf488c295b59d7-MXP
date: Mon, 18 Apr 2022 17:57:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 18 Apr 2022 15:35:16 GMT
server: cloudflare
age: 1214
etag: W/"2d7e1c91196267dbfe3b1e36e0f26e35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVtS8Ah%2BpGZC%2ByPTQdpbOnCWZoE7R9OXsUmGHr%2Blq%2F2sP48c0BQzU6PWkLBYEemSf%2F6g%2BlEmL8XhoOS2zGhP%2BATsbtlTSXj32BdvaUWJgOkBDPDY9WhQBxeT0WpAKGYi%2FVf8QXnMmwDkDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

Redirect headers

date: Mon, 18 Apr 2022 17:57:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VESL%2F59Csp4WIz08OUGlq4jYf1Cw3TyOEBEWNzuHeptxI6LO3gOqMeoiCSueoga41sg7JT3o1WmLKy0oRGN2sEv7PZlszg%2FNuRBX5pwGdLoC03xs8Lb90p18f9kV2c%2FwnEe4gDtqGCinNDYyWhzalL8LSKqvSMW4o2USAiFc"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=futureplc-com&upapi=true
cache-control: max-age=3600
cf-ray: 6fdf488b5cc859ef-MXP
expires: Mon, 18 Apr 2022 18:57:32 GMT

GET
H2 200 glade.js Show response
securepubads.g.doubleclick.net/static/ 53 KB
16 KB 38ms
14ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

25db43cdbafdfcb1e932d48d691a87835d88e898ef6817da85dba40cd3f7b2dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16024
x-xss-protection: 0
server: sffe
etag: "1642106280940716"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=1800, stale-while-revalidate=3600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Apr 2022 17:57:31 GMT

GET
H2 200 js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__TInbTdXTj3bp0-SfE_ABqL935JSTUvmeOxcMURwHmxw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js Show response
www.windowscentral.com/sites/wpcentral.com/files/advagg_js/ 46 KB
14 KB 32ms
32ms Script
application/x-javascript 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_js/js__0TtPV7tYtOKF8q4xu8UDn_i8ZNmArXKAaAgO1n7Dv5g__TInbTdXTj3bp0-SfE_ABqL935JSTUvmeOxcMURwHmxw__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf5396993e4b7b8e74c4bd348756f51104cc01ce20b5f7a193a45ec47574c63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 14:10:28 GMT
server: cloudflare
age: 1395852
etag: W/"61532254-fc7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Tue, 03 May 2022 14:13:19 GMT
cache-control: max-age=2678400
cf-polished: origSize=64638
cf-ray: 6fdf488ad9d2cc4e-ZRH
cf-bgj: minify

GET
H2 200 css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
www.windowscentral.com/sites/wpcentral.com/files/advagg_css/ 297 KB
48 KB 49ms
49ms Stylesheet
text/css 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Aug 2021 16:03:53 GMT
server: cloudflare
age: 2425589
etag: W/"611a8c69-4a370"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Thu, 21 Apr 2022 16:11:02 GMT
cache-control: max-age=2678400
cf-polished: origSize=303984
cf-ray: 6fdf488ad9d8cc4e-ZRH
cf-bgj: minify

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mobilenations1-network/ 464 KB
37 KB 22ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17077ffaf689a4f07028a1d15ea2a54fd4189707578ed0b3acdfdda59aa0362d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: VQP7d3JevNKNP6SF2BZYHUKjliGg_h0g
content-encoding: gzip
etag: "edbc206f76b26e2776209d17e082d043"
age: 113
x-cache: HIT
content-length: 37867
x-amz-id-2: m/2dlReXvRn0ZzVlxlwcRNFdEbUrKmBM98MIQUu37DDGXLiuvLmen5Kc7RHp7+8yjhiV71Oqlqc=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 18 Apr 2022 09:04:08 GMT
server: AmazonS3
x-timer: S1650304652.983639,VS0,VE1
date: Mon, 18 Apr 2022 17:57:31 GMT
vary: Accept-Encoding
x-amz-request-id: C2ZPF5QYAYFKCFQ5
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 39
x-cache-hits: 1

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/ 5 KB
2 KB 89ms
37ms Script
application/javascript 2600:9000:225a:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bd4246cc88ea9a0f90dc318e0ff3c42b4ab6da779c6557f00ca1d5d404408fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: br
last-modified: Thu, 07 Apr 2022 11:02:22 GMT
server: AmazonS3
age: 19
etag: W/"87b4fb495aec618afd1d86b9dc9387f2"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: oIislbBQYZnUTGsyE0QDMujBRy6EMFWzgXw2pKQYwcqT2nKmLfG7xQ==

GET
H2 200 analytics.js Show response
www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/ 49 KB
20 KB 31ms
31ms Script
application/x-javascript 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c21173e97cdde5579f5144813a24b7e406ad2a6a483da2cd18b864a8d2ecc40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Nov 2021 18:56:28 GMT
server: cloudflare
age: 423903
etag: W/"618ac45c-c41d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
expires: Sat, 14 May 2022 20:12:28 GMT
cache-control: max-age=2678400
cf-polished: origSize=50205
cf-ray: 6fdf488ad9d5cc4e-ZRH
cf-bgj: minify

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/mobilenations1-windowcentral/ 62 KB
16 KB 10ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/mobilenations1-windowcentral/newsroom.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "1dbadc531dcc54906bcc5f5e1fe01430"
age: 70
x-cache: HIT
content-length: 16437
x-amz-id-2: jJ5hwbDJEXTRTs/PmlQLv9v9nqchMUoso5ioULqNBU4eH4yiJhMLyXFG3sINrYVsSbAkjGcPZOk=
x-served-by: cache-hhn4036-HHN
last-modified: Fri, 04 Sep 2020 23:39:59 GMT
server: AmazonS3
x-timer: S1650304652.992755,VS0,VE1
date: Mon, 18 Apr 2022 17:57:31 GMT
vary: Accept-Encoding
x-amz-request-id: 4GNSPXDPMZQDP57Y
via: 1.1 varnish
cache-control: max-age=14400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 wc-logo-color.svg
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 5 KB
2 KB 26ms
26ms Image
image/svg+xml 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/wc-logo-color.svg?reload
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
age: 1337146
etag: W/"62349f06-121f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 6fdf488ad9dfcc4e-ZRH
expires: Wed, 04 May 2022 06:31:45 GMT

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 92ms
92ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 l
use.typekit.net/af/027dd4/00000000000000003b9acafa/27/ 26 KB
26 KB 58ms
57ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e053
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/027dd4/00000000000000003b9acafa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 00f7d628d0c49b1b0d512c3c56d16cc8d0ac222e7437efea750b584083c053dd

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
server: nginx
etag: "37da2a6b18214f547dbbc4036f830d9caa1b9787"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26676

GET
H2 200 3x1.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 38 B
291 B 30ms
30ms Image
image/webp 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/3x1.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df08e3ece6f39b3ab5126853be9ebe1219123e742136dec9d153452d5aa1159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
age: 911014
cf-polished: origFmt=png, origSize=70
content-disposition: inline; filename="3x1.webp"
content-length: 38
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
etag: "62349f06-46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Mon, 09 May 2022 04:53:58 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488b3a45cc4e-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 1x1.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 38 B
184 B 38ms
38ms Image
image/webp 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/1x1.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
age: 917115
cf-polished: origFmt=png, origSize=68
content-disposition: inline; filename="1x1.webp"
content-length: 38
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
etag: "62349f06-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Mon, 09 May 2022 03:12:17 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488b3a47cc4e-ZRH
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12542/ 2 KB
2 KB 154ms
32ms Script
application/javascript 52.215.1.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12542/px.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.1.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-1-116.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f42e1cd6c29e600d1e67f3a4a315f29d13875e15ec3c6413eb9b4ec76929b528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 17:57:31 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d46dc72a7e91646d4867cd6689a12be02c5f9a56ad79795b8b95eca258e6e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SwmMbOsIGwunumqxUqfRyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 18 Apr 2022 18:13:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 3FZW0tqNGuc8kTlMUfWn019SqaKIKCLZBAuHSmbPc5VoO+1svhnktgNWG7eMRlU6Fd5yZBxC7OAWV4S1aRdksQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 4b79de308216ac7698993f3b839aee16
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 18 Apr 2022 17:57:32 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d43b4529c0d26a2149c6ffa659d01247"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 71ms
7ms Script
application/javascript 143.204.101.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-50.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 08:42:53 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Age: 33279
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: sUgXLpflYRuFVtAaC9C9FuAQDXXgKHFpa_xHx0KrporUwJDlVAXmFg==
Expires: Tue, 19 Apr 2022 08:42:53 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 72ms
10ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 17:57:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 51ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9VHS7

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

923590a665c884affc3b51c0948afa97b0e0b65724104ad1634915a3105f3b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33124
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 17:57:32 GMT

GET
H2 200 mona.js Show response
search-api.fie.futurecdn.net/js/w/es6/ 389 KB
126 KB 49ms
13ms Script
application/javascript 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f507045398a529b76fa0de28f329699590b881503633f2cea95a87013359da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 993
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 128592
x-ftr-expires: Mon, 18 Apr 2022 16:00:28 GMT
x-ftr-balancer: hawk-proxy-185-113-25-36
x-cache: HIT, HIT
x-ftr-request-id: 00000000:AC18_00000000:01BB_625D8672_1321924:3C1D
last-modified: Wed, 13 Apr 2022 13:10:44 GMT
x-timer: S1650304652.074070,VS0,VE1
etag: "6256cbd4-6120d"
x-served-by: cache-lon4224-LON, cache-hhn4054-HHN
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 tag.aspx Show response
ml314.com/ 31 KB
32 KB 34ms
5ms Script
application/javascript 34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1832022
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:12:50 GMT
age: 2682
x-guploader-uploadid: ADPycdvpIDeWbtzqW6vfk3mjVAjSuqiXpOGS24e8Y6Bgktgo0Akhw_Kvgq8MsIeFlfxo-TE_wbcQlOpHUGQIEmhwkydQLNWTufeM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 32025
last-modified: Mon, 04 Apr 2022 15:43:44 GMT
server: UploadServer
cache-control: public,max-age=3600
etag: "25b1f355dd487bdf5381a749056080c4"
x-goog-hash: crc32c=dPpbog==, md5=JbHzVd1Ie99TgadJBWCAxA==
x-goog-generation: 1649087024620619
cache-id: FRA-fa985ced
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 web-vitals.js Show response
unpkg.com/web-vitals@2.0.1/dist/ 5 KB
2 KB 70ms
27ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.js?module

Requested by

Host: t.co
URL: https://t.co/uqY78Nqx6F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23523952
x-powered-by: Express
content-encoding: br
vary: Accept-Encoding
fly-request-id: 01FB1TYRG5AHDG3FXF3XT86SR7
server: cloudflare
etag: W/"13f0-FB5AIG1d3V3SKXQC+aDRC1j67uc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fdf488b9ebb01f0-ZRH

GET
H2 200 load.js Show response
widget.perfectmarket.com/mobilenations1-network/ 3 KB
2 KB 29ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: J4XuLknNLAuC7N4qV0D8ae6KQwP3.A6b
content-encoding: gzip
etag: "685ca634ee38daf89f4b9f310d082b34"
age: 232
x-cache: HIT, HIT
content-length: 1106
x-amz-id-2: +e4zLGwe7dK0NvxiMom2nmXgaPElORJEM2D90370e+pfPFEYL2biyWaXIQCYUbjNgVCKw0aXqfk=
x-served-by: cache-lax10621-LGB, cache-hhn4071-HHN
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1650304652.108576,VS0,VE1
date: Mon, 18 Apr 2022 17:57:32 GMT
vary: Accept-Encoding,,
x-amz-request-id: D8PAZ862XWM8GTPN
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20220418-3-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 701 KB
135 KB 13ms
11ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220418-3-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mobilenations1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 52ff2a623c77412b9c7f27ee7d24bd125b1e3dd37450c45fe373e0627824b9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: a.XepnKhY2ILW._QJ7_BWyOl1ij9P8Wm
content-encoding: br
etag: "f7559ef9aedce359d2c5a06c1b33526e"
age: 4186
x-cache: HIT
content-length: 137923
x-amz-id-2: z1JQkwu7IlXqSBk33KR4qWXJCbiFXtcMesq49XTKHgXehUf6h6QBROAkJEuF+8mT5uJ9w7lm4UU=
x-served-by: cache-hhn4036-HHN
last-modified: Mon, 18 Apr 2022 08:46:57 GMT
server: AmazonS3-br
x-timer: S1650304652.072090,VS0,VE0
date: Mon, 18 Apr 2022 17:57:32 GMT
vary: Accept-Encoding
x-amz-request-id: YMADS9SG9VG0AB14
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 32
x-cache-hits: 2150

GET
H2 200 services.js Show response
js.gumgum.com/ 101 KB
38 KB 44ms
13ms Script
application/javascript 13.225.80.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-85.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74d4fe26abff96aadb849dea507e94f1d944bfb805ef7e410b5024dea3f6ba44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: x2K86VUv8V2AugygglVmCLHCn.JPitub
content-encoding: gzip
etag: W/"1107b8738b70282a38d77bad4b1e2bfa"
age: 8149
x-cache: Hit from cloudfront
x-amz-meta-timing-allow-origin: *
x-amz-meta-access-control-allow-origin: *
last-modified: Thu, 07 Apr 2022 10:25:15 GMT
server: AmazonS3
date: Mon, 18 Apr 2022 15:48:36 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: MWNz06nfrhE6LJQXFl_U5KuXHqfkQF9tOqfwPGbnnQ3pwaqXfDi73g==

GET
H2 200 door.js Show response
uk-script.dotmetrics.net/ 8 KB
3 KB 133ms
50ms Script
application/javascript 18.66.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-script.dotmetrics.net/door.js?id=5257
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-26.txl50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 1b9c957f00c749468844c08b973dc98f8cd6302fc2aa4c9f6380f84d6bcc21a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: TXL50-P1
etag: "5257...199.2022041817"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 634cb8ef257d85d9d03b5a4d492df944.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: goHyEFstMZih-NkDBYDsuT9GZBs23jkDnN19UOUvwtshjh3MTnJsVw==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 18 Apr 2022 18:39:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
17ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windowscentral.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
360 B 191ms
124ms Fetch
application/json 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 1e29efc65ac0c1ae65a7a773507beb076bc946c0ffaade21298d1302cfa15901

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.windowscentral.com
date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 69
x-hw: 1650304652.cds076.lo4.hn,1650304652.cds072.lo4.sc,1650304652.cds072.lo4.p
content-type: application/json

GET
H2 200 config Show response
sommelier.futurehybrid.tech/ 5 KB
1 KB 181ms
40ms Fetch
application/json 52.50.139.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config?r=376&tpl=normal&l=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.139.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-139-7.eu-west-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

fab2e6b042ec3920ace988314188075cf130ec5c8f9892bc8cddf94ac4ed7294

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: nginx/1.19.0
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/json

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=366383dc22d60cba4b4018e999d68d77

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e30fd585b3bc0653779f162eeea77fe028930fa0bb5f3fde1706c29a0f1c3ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.windowscentral.com/
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YUdON6UyZK95okqynytvNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 18 Apr 2023 17:13:40 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82862
x-fb-rlafr: 0
x-fb-debug: 4B77EsnSYKorrF9ledy7aB2PxCUv4YNlrqBooiPDwHR8eDQqW6k0Rsk99SO3BzQR0XNo8rAGPcb0MvBvEyyL3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4cf7740eaf1803e395b4947792f7f6a7
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 17:57:32 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "eeda2813f117cdc2b304a56e1e92c01e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/38/ 179 KB
44 KB 22ms
21ms Script
text/javascript 2600:9000:225a:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/uer8ZPXHG8WDU/www.windowscentral.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:56:54 GMT
content-encoding: br
age: 42
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:09:26 GMT
server: AmazonS3
etag: W/"c29546e2a6954891b2b97d808459afe6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: wuWc9ktBJHNKU6wUeknpACPsK_C7xe7QuWHPGT6WXDoQHjcoUzZ3kQ==

GET
BLOB 200
OK 590ec10a-7022-4f10-bd75-58ce559e2dbf
https://www.windowscentral.com/ 590 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.windowscentral.com/590ec10a-7022-4f10-bd75-58ce559e2dbf
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e233fa437ca8020631b91098a50cf0752b2c21e79bcaf08f088150f5a10ca0ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 603951

GET
H3 200 extra_38.js Show response
securepubads.g.doubleclick.net/static/glade/ 6 KB
2 KB 40ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/glade/extra_38.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/static/glade.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

aed98a9e46eb03e8f84c07f12241c32a436c87ebf56fc65d7d5ec14ae4f98bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2404
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 20:36:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 11:06:54 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/windowscentral.com/ 47 KB
18 KB 91ms
22ms Script
application/javascript 18.64.87.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/windowscentral.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.87.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-87-36.txl50.r.cloudfront.net
Software: nginx /
Resource Hash: 5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Apr 2022 04:31:54 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:08:16 GMT
server: nginx
age: 48338
etag: W/"603d1f80-bd33"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0cd2c3fbaf7659321a893cd5ab933aa4.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: VqutfMakkRwzeYNV1-Y2DB6z1SYP8X2Hzzg7GK1s8G4nPtzLIoWKmg==
expires: Tue, 19 Apr 2022 04:31:54 GMT

GET
H2 200 rules-p-ebutdjFEkjMk-.js Show response
rules.quantcount.com/ 3 B
429 B 54ms
8ms Script
application/javascript 2600:9000:2491:3600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ebutdjFEkjMk-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:50:29 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
age: 44475
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:03:35 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: OLNOzoaOui-QdUXE_o8hjwTi_th2q6wA0zx_SAVrlInWnDdSvvkXBg==

GET
H2 200 rules-p-8bC03lZwjgqy2.js Show response
rules.quantcount.com/ 3 B
429 B 54ms
9ms Script
application/javascript 2600:9000:2491:3600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8bC03lZwjgqy2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 16:50:29 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
age: 46262
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:13:13 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: snMaTwT9tYYgcqum6RgyofF9Nj3ZDlAEIK3WlRETQbwSscW6yD0x_A==

GET
H2 200 rules-p-uer8ZPXHG8WDU.js Show response
rules.quantcount.com/ 1 KB
1 KB 53ms
8ms Script
application/javascript 2600:9000:2491:3600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-uer8ZPXHG8WDU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:05:30 GMT
content-encoding: gzip
age: 3124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 13 Jul 2021 15:45:03 GMT
server: AmazonS3
etag: W/"0c287fb1be55ca2e77fb3cd36cbe5ae8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: E-bDFkq_P_T_Vu8I9Np5VXqZp369FlcR3l8gOXxVmFjiq9Leez_VYw==

GET
H2 200 pmk-201901001.3.js Show response
widget.perfectmarket.com/mobilenations1-network/ 117 KB
32 KB 13ms
13ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: bfUibajn8Hr9uOSWwagmUKVBmPbHEKOs
content-encoding: gzip
etag: "42798c9bd56143345cd9e74dcc5ac1b9"
age: 1151773
x-cache: HIT, HIT
content-length: 32077
x-amz-id-2: n1PDsenK+g6RX5ufYaL9W+/tQ79nFXRP9rL/Ku0FKEGz0JtmZIT+UYrfPCPXf3C7Am+K5dSWq1c=
x-served-by: cache-lax10622-LGB, cache-hhn4071-HHN
last-modified: Thu, 28 Feb 2019 04:56:18 GMT
server: AmazonS3
x-timer: S1650304652.278210,VS0,VE0
date: Mon, 18 Apr 2022 17:57:32 GMT
vary: Accept-Encoding,,
x-amz-request-id: D586JZ9CYFNEBBW6
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 60, 3

GET
H2 200 translations.php Show response
search-api.fie.futurecdn.net/ 32 KB
11 KB 20ms
19ms Fetch
application/json 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/translations.php?language=en-US

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6f27ead86675e282e4ab4bb981cede9beab7ab1d2e849e42643654cca896c1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
x-hawk-country
age: 812
x-ftr-backend-server: fievarnishprodred
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-api
x-ftr-cache-status: HIT
content-length: 10731
x-ftr-expires: Mon, 18 Apr 2022 18:03:59 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: HIT, HIT
x-ftr-request-id: 00000000:A94E_00000000:01BB_625DA360_F6429:73B7
x-timer: S1650304652.297642,VS0,VE0
x-served-by: cache-lon4280-LON, cache-hhn4054-HHN
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/json; charset=utf-8;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Hawk-Country,X-Hawk-Area
x-cache-hits: 1, 3

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 42ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1834006825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAIhAAAAAC~&jid=606781588&gjid=686861366&cid=1338041605.1650304652&tid=UA-1058506-1&_gid=912160996.1650304652&_r=1&_slc=1&cd1=full&cd2=default&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Anofollow%2CB%3Aw400&cd12=microsoft%20news%2Cnews%2Cwindows&cd14=91631&z=1467912424

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 38ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1834006825&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACAIhBAAAAC~&jid=2102228424&gjid=284067375&cid=1338041605.1650304652&tid=UA-4245582-4&_gid=912160996.1650304652&_r=1&_slc=1&cd1=full&cd2=Microsoft%20News&cd3=true&cd4=C%3Aarticle%2CS%3Astandard%2CB%3Aaside%2CB%3Anofollow%2CB%3Aw400&cd6=microsoft%20news%2Cnews%2Cwindows&cd8=0&cd9=91631&cd10=242&z=1685511541

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-future.png
www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/ 938 B
1 KB 31ms
30ms Image
image/webp 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windowscentral.com/sites/all/themes/mbn2_twig/assets/images/logo-future.png
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
age: 1018091
cf-polished: origFmt=png, origSize=2774
content-disposition: inline; filename="logo-future.webp"
content-length: 938
last-modified: Fri, 18 Mar 2022 15:02:30 GMT
server: cloudflare
etag: "62349f06-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 07 May 2022 23:09:21 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488d1c7bcc4e-ZRH
cf-bgj: imgq:85,h2pri

GET
H2 200 fa-brands-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 3 KB
3 KB 32ms
32ms Font
application/octet-stream 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-brands-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1685713
etag: "62349f1c-aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488d1c7dcc4e-ZRH
content-length: 2724
expires: Sat, 30 Apr 2022 05:42:19 GMT

GET
H2 200 fa-light-300.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
11 KB 30ms
29ms Font
application/octet-stream 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-light-300.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1340662
etag: "62349f1c-29b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488d1c7ecc4e-ZRH
content-length: 10672
expires: Wed, 04 May 2022 05:33:10 GMT

GET
H2 200 fa-regular-400.woff2
www.windowscentral.com/sites/all/fonts/fontawesome-min/ 10 KB
10 KB 31ms
31ms Font
application/octet-stream 2606:4700::6812:bd37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windowscentral.com/sites/all/fonts/fontawesome-min/fa-regular-400.woff2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0

Request headers

Referer: https://www.windowscentral.com/sites/wpcentral.com/files/advagg_css/css__6Uwog9rDP_LyjBChMl65edelxMcXiiz8pBvY4cPTsxw__dFQ6AS_Sq8-8AzJDte5Uit_n4gOskvGxGalUo8JCGt4__-hrOzNKBWnRpd6oI03ihHywytuGoABlgfyr1ULxhHPA.css
Origin: https://www.windowscentral.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Mar 2022 15:02:52 GMT
server: cloudflare
age: 1340071
etag: "62349f1c-27e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 6fdf488d1c81cc4e-ZRH
content-length: 10208
expires: Wed, 04 May 2022 05:43:01 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
933 B 80ms
30ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195022
x-guploader-uploadid: ADPycdsowQJ6rURy0co-EY7MiGa-FXGKSILS5iwWt29vuA9fRE8DXui98HJH3YFUF5RSMBoBt4VUCGnp1MbaL2XDYWw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTZ9yLZwxIEsc88XGvKu8IOh9EqTSY3jisVgYe015F%2BbN7Zv4lYR3AC7q7OPpvMl10MQP4HqqGHSETQ1%2F3YpAdMDSseAH0nxuBx4Mr08J5Iv2hK%2FXAy45LI7IywSae27u8KdsjMUYMz2sucJSA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6fdf488d8e32e8f7-MXP
expires: Sat, 16 Apr 2022 12:24:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
338 B 98ms
48ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6844432220591339
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 18 Apr 2022 17:57:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195022
x-guploader-uploadid: ADPycdsowQJ6rURy0co-EY7MiGa-FXGKSILS5iwWt29vuA9fRE8DXui98HJH3YFUF5RSMBoBt4VUCGnp1MbaL2XDYWw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7i7uVih0p4mxYkJ6YNixHqC60npkdG0Df484Mfz1u%2FtDh1TMFjuXjYITShyfHR0ZAyXmLodAqYiODWqZVOYo0SRkz2uNwDqIfgjVXq4bpc4y76viOBul9WPhRgCthq4B1ls9o9FjrcOg%2BGtFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6fdf488d8e35e8f7-MXP
expires: Sat, 16 Apr 2022 12:24:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1058506-1&cid=1338041605.1650304652&jid=606781588&gjid=686861366&_gid=912160996.1650304652&_u=aGBAAAIgAAAAAC~&z=1675823838

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 17:57:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4245582-4&cid=1338041605.1650304652&jid=2102228424&gjid=284067375&_gid=912160996.1650304652&_u=aGDACAIhBAAAAC~&z=1026783905

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/sites/wpcentral.com/files/googleanalytics/analytics.js?raao42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 17:57:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.windowscentral.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 62ms
12ms XHR
application/json 2600:9000:238d:4e00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:4e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:36 GMT
content-encoding: br
age: 53817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 04 Apr 2022 19:52:29 GMT
server: AmazonS3
etag: W/"40af78ddd5428a8827297a3108ff0f96"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: ErQ4DdluPZ.uqNFyIPqTjQ9DZM7Y2Y6Q
via: 1.1 0e12b175c31e0e750266df78bf0e1068.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: AMS1-P1
content-type: application/json
x-amz-cf-id: OJPQeXdSaO1h1meKIwU6H9iyXFf6STv4HnPuWl3jsGeATJ54T9z3dA==

GET
H2 200 wp.min.css
search-api.fie.futurecdn.net/css/browser/ 5 KB
2 KB 20ms
7ms Stylesheet
text/css 151.101.130.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://search-api.fie.futurecdn.net/css/browser/wp.min.css

Requested by

Host: search-api.fie.futurecdn.net
URL: https://search-api.fie.futurecdn.net/js/w/es6/mona.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dc039d6499f245fa5df5ef87eec8135ef1afddd555566042560c89dc61b1d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
x-hawk-country
xkey: asset-type-fie-widgets
age: 153
x-ftr-backend-server: fievarnishprodwhite
x-hawk-area: DE
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-backend: fie-assets
x-ftr-cache-status: HIT
content-length: 1669
x-ftr-expires: Mon, 18 Apr 2022 17:34:56 GMT
x-ftr-balancer: hawk-proxy-185-113-25-40
x-cache: HIT, HIT
x-ftr-request-id: 00000000:DD8E_00000000:01BB_625D9C99_5630A:73B6
last-modified: Wed, 13 Apr 2022 13:10:44 GMT
x-timer: S1650304652.406154,VS0,VE1
etag: "6256cbd4-1310"
x-served-by: cache-lon11666-LON, cache-hhn4032-HHN
strict-transport-security: max-age=31557600
content-type: text/css
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
cache-control: max-age=1200, stale-if-error=172800, stale-while-revalidate=172800
accept-ranges: bytes
access-control-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 25ms
7ms Script
application/javascript 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/mobilenations1-network/pmk-201901001.3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:43:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 54844
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ILcNKpSc3IK-V1AP6YvWmurXF_vqRH_tueCfpeewwAb1vUr3aV-XGg==

GET
H2 200 services Show response
g2.gumgum.com/zones/n6aekmb1/ 443 B
900 B 115ms
39ms XHR
application/json 63.32.132.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/n6aekmb1/services?dp=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&pu=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&ogu=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&rf=https%3A%2F%2Ft.co%2F&r=3.87.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830&bf=fd6626bab39ab23d2a3370e8d8131bb318cf204d&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1650304652405&to=0&vpii=false&vph=1200&vpw=1600&gdprApplies=0
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.132.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-132-64.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 303b24f8da43f3f0e5f597e9cfb5fa670ab9ae8e315ab3259a630aaf3bac06c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
server: nginx
etag: W/"05efc38581521d8561a18aae451cff2b1"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 387ms
95ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1650304652418&plid=68474404&idsite=windowscentral.com&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&urlref=https%3A%2F%2Ft.co%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&sref=https%3A%2F%2Ft.co%2F&sts=1650304652415&slts=0&title=Microsoft+says+Windows+under+attack+from+Chinese+threat+actors+using+stealth+malware+%7C+Windows+Central&date=Mon+Apr+18+2022+17%3A57%3A32+GMT%2B0000+(GMT)&action=pageview&pvid=13143586&u=pid%3D29fc37ec5786319fedd890613fe99121
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 17:57:32 GMT
Cache-Control: no-cache
Last-Modified: Monday, 18-Apr-2022 17:57:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 151ms
115ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=J0YKDJzv&w=6519085645955072&o=5682682429177856&cv=2.9.157-1-g9c0fea6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&upapi=true
Requested by: Host: futureplc-com.videoplayerhub.com
URL: https://futureplc-com.videoplayerhub.com/galleryplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 17:57:32 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/38/ 226 KB
58 KB 21ms
21ms Script
text/javascript 2600:9000:225a:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 18:51:52 GMT
content-encoding: gzip
age: 169541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 15:09:37 GMT
server: AmazonS3
etag: W/"d2e44b7f9549a166eb2f13551350fe5e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 11928875e072fa46f6185840ed222a20.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: k_j_lJuS-7JIiRwPYQ_IRsAaisPuRlgVwJ1NudkNhcj-oOrWPMsJog==

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 1 KB
2 KB 127ms
30ms Script
application/javascript 108.128.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&hn_ver=40&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12542/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b8354647b68c85bdd1b5be2b760db050033407a99a8ff951f9ae6fbde2763da0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 17:57:32 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1121
Expires: Tue, 22 Mar 2022 17:28:09 UTC

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 288 KB
34 KB 60ms
21ms XHR
application/json 2600:9000:225a:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c19896ac0a9f3d1f75b8dea30ed6dee1114b31efa7b0045a30b043152be802bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:36 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 53817
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 03:00:32 GMT
server: AmazonS3
etag: W/"fedb004d7e74ce252287c73bf6c53cda"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 15d276defa1bb032a264992771fcf3e4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: 9J3IjuHXfB0FkuOTea2JE61DKY9kQkusANyHoYRksQ6RPTLbsdcT2A==

GET
H2 200 hit.gif
uk-script.dotmetrics.net/ 43 B
1 KB 48ms
47ms Image
image/gif 18.66.2.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uk-script.dotmetrics.net/hit.gif?id=5257&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&dom=www.windowscentral.com&r=1650304652457&pvs=1&pvid=21ac95b7-39bd-4219-92d2-d6a3e4260bf1&c=false
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-26.txl50.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront
p3p: policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 634cb8ef257d85d9d03b5a4d492df944.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: -yKeoCcEsRItLU_RF5mh6GIvnhyHOfMdEaKCSTalWs3VajTYk8UxsA==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 97ms
18ms Image
image/gif 2600:9000:225f:3400:d:5ce3:a4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=5257&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&dom=www.windowscentral.com&r=1650304652457&pvs=1&pvid=21ac95b7-39bd-4219-92d2-d6a3e4260bf1&c=false
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:3400:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:10:33 GMT
via: 1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2022 10:59:12 GMT
server: AmazonS3
age: 2820
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 807
x-amz-cf-id: U3ZvfndNnImam-WvX_x9uQHVwcV0GtC2_0ADfsmBclaLjWPIkB_Dyg==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 75ms
38ms XHR
application/json 2600:9000:225a:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2.js?referer=www.windowscentral.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f200bcf9261646775132617515f713dadddbc35b310b94026892463adda7dd1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:00:29 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 53824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 18 Apr 2022 03:00:26 GMT
server: AmazonS3
etag: W/"22688d3780b37d282d121e93bd589f30"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 15d276defa1bb032a264992771fcf3e4.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: 4Fr4IAMnNylxCrPi0xWps7UXB2e_i796obiYsZSqHAfhJ7mv3SNYwQ==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 46ms
8ms XHR
text/plain 3.121.92.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22uer8ZPXHG8WDU%22%2C%22domain%22%3A%22www.windowscentral.com%22%2C%22publisher%22%3A%22WindowsCentral%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.38%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22Ek5FunZkhCBk40VZyjTGxA%22%2C%22clientTimestamp%22%3A1650304652506%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-v9x95g2387oq8t6erfsl%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/38/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.windowscentral.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 17:57:32 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 new Show response
g2.gumgum.com/assets/ 140 B
455 B 41ms
41ms XHR
application/json 63.32.132.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/assets/new?assets=%7B%22v%22%3A%221.1%22%2C%22pv%22%3A%22f68a328d-4152-457a-9c67-301eeebc64c7%22%2C%22r%22%3A%223.87.12%22%2C%22t%22%3A%22n6aekmb1%22%2C%22rf%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22fs%22%3Afalse%2C%22ce%22%3Atrue%2C%22p%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware%22%2C%22a%22%3A%5B%7B%22i%22%3A1%2C%22u%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fsites%2Fwpcentral.com%2Ffiles%2Fstyles%2Flarge_wm_brw%2Fpublic%2Ffield%2Fimage%2F2022%2F01%2Fmicrosoft-logo-2022.jpg%22%2C%22w%22%3A750%2C%22h%22%3A562%2C%22x%22%3A260%2C%22y%22%3A809%2C%22lt%22%3A%22none%22%2C%22af%22%3Afalse%2C%22prefetch%22%3Afalse%2C%22ia%22%3A%22Microsoft%20Logo%22%7D%5D%2C%22ac%22%3A%7B%7D%2C%22vp%22%3A%7B%22ii%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%7D%2C%22sc%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22d%22%3A1%7D%2C%22tr%22%3A0.4%2C%22ogu%22%3A%22https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware%22%7D&bf=fd6626bab39ab23d2a3370e8d8131bb318cf204d&lt=1650304652562&to=0&gdprApplies=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.87.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=9830
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.132.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-132-64.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 77b95b2909fa96f94fd4f06410eabaf20e5174eb629b4bd567a827dc400e2f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
server: nginx
etag: W/"0a924e22c611b5f7f7248f9a6f927c777"
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.windowscentral.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Mic...
https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Mi...

43 B
263 B

8ms
8ms

Image
image/gif

99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650304652560
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: H2
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 43
x-amz-cf-id: rSdwgAAPiHIjOZ1ykLFDAW7Hw5sG2WbBbwC2U35N6BURDymXhoyNdA==
x-cache: Miss from cloudfront
content-type: image/gif

Redirect headers

location: /p2?c1=8&c2=15039634&c3=9&c4=n6aekmb1&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F&cv=2.0&cj=1&ns__t=1650304652560
date: Mon, 18 Apr 2022 17:57:32 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: bhsL129KzIflPaEEs6sgxSZGRVuKKrbDIHT5CYguTZegpJYb-LIJ5w==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B196D5AD-F18E-4F8C-8BA3-945CF0E41540&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

95 B
881 B

29ms
28ms

Image
image/png

108.128.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B196D5AD-F18E-4F8C-8BA3-945CF0E41540&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

HTTP/1.1

Server

108.128.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 17:57:33 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 17:57:33 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B196D5AD-F18E-4F8C-8BA3-945CF0E41540&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868
date: Mon, 18 Apr 2022 15:32:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_gid=CAESEC09SWs9AiPzwEPxzGjqcfI&google_cver=1

95 B
804 B

29ms
29ms

Image
image/png

108.128.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_gid=CAESEC09SWs9AiPzwEPxzGjqcfI&google_cver=1

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

HTTP/1.1

Server

108.128.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 17:57:32 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&google_gid=CAESEC09SWs9AiPzwEPxzGjqcfI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
214 B 35ms
9ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=2542511ae5b6b27c&gdpr=0
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=63d3771c-222e-4fd3-97bb-8dc4e2b48710&dsp=TTD

95 B
876 B

49ms
30ms

Image
image/png

108.128.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=63d3771c-222e-4fd3-97bb-8dc4e2b48710&dsp=TTD

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

HTTP/1.1

Server

108.128.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 17:57:32 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 17:57:32 UTC

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=63d3771c-222e-4fd3-97bb-8dc4e2b48710&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0&cklb=1

0
316 B

24ms
24ms

Image
text/plain

185.86.139.57
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0&cklb=1
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Server: 185.86.139.57 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 18 Apr 2022 17:57:32 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12542%26ref%3Dhttps%253A%252F%252Ft.co%252F%26url%3Dhttps%253A%252F%252Fwww.windowscentral.com%252F...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12542%2526ref%253Dhttps%25253A%25252F%25252Ft.co%25252F%2526url%253Dh...
https://s.cpx.to/an_fire?app_nexus_uid=3034105167916977054&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-u...

95 B
865 B

30ms
30ms

Image
image/png

108.128.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=3034105167916977054&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&hn_ver=40&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

HTTP/1.1

Server

108.128.98.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-98-123.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 18 Apr 2022 17:57:32 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 18 Apr 2022 17:57:32 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 17:57:32 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 48246640-3475-4acf-adf2-e6370e14b90b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=3034105167916977054&pid=12542&ref=https%3A%2F%2Ft.co%2F&url=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&hn_ver=40&fid=3f853ca5-c093-4ff8-8455-efdca2ef7868
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 400
Bad Request sync
pool.grid-data.bidswitch.net/ 43 B
244 B 569ms
138ms Image
image/gif 35.211.144.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.144.1 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 1.144.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 17:57:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 5BE0 24 KB
10 KB 8ms
8ms Script
application/javascript 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.co
URL: https://t.co/uqY78Nqx6F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:32 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 17:57:32 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/441/ 43 B
1009 B 41ms
13ms Image
image/gif 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=e_9d5a8874-d69a-4a6c-9477-d2484eb313cb&gdpr=1&gdpr_consent=

Requested by

Host: www.windowscentral.com
URL: https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 17:57:31 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2 200 rules-p-00TsOkvHvnsZU.js Show response
rules.quantcount.com/ Frame 5BE0 3 B
430 B 10ms
10ms Script
application/javascript 2600:9000:2491:3600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-00TsOkvHvnsZU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:3600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 06:20:26 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
age: 41827
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:30:30 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
x-amz-cf-id: mPGj6HTWJYqhru_bGwuf_l8_648NyxXDz03ZuUbHf-lLkR-v8MLR9w==

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/ Frame 4FCE
Redirect Chain

https://bcp.crwdcntrl.net/5/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr

163 B
403 B

51ms
51ms

Document
text/html

54.220.157.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/12464/cc.js?ns=_cc12464
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.157.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-157-118.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://www.windowscentral.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Mon, 18 Apr 2022 17:57:33 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.13.42

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 18 Apr 2022 17:57:33 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=12464/rand=849272580/pv=y/int=%23OpR%2382438%23windowscentral%20%3A%20Total%20Site%20Traffic/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.13.144

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/10055482/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

6ms
6ms

Script
application/javascript

99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:28:49 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1726
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 3gV_YpfCvJ5Aa1vOWSNKvN_T1w9PydFYIvKknmNSCrs-ohItenI6Rw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Mon, 18 Apr 2022 17:57:34 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: 7Y9pR3Wt8qixGCkyUskkT-pefhFg-ZPJ-ecHC8eQ9HMPoyts3S0j4A==
x-cache: Miss from cloudfront

GET
H2 204 b2
sb.scorecardresearch.com/ 0
187 B 8ms
7ms Image
text/plain 99.86.7.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10055482&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=38&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1650304654050&ns_c=UTF-8&c7=https%3A%2F%2Fwww.windowscentral.com%2Fmicrosoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware&c8=Microsoft%20says%20Windows%20under%20attack%20from%20Chinese%20threat%20actors%20using%20stealth%20malware%20%7C%20Windows%20Central&c9=https%3A%2F%2Ft.co%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-79.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windowscentral.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:57:34 GMT
via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: GQeEceWeJhpdukQ1Ue1VBxTDY4tbGcPqjdj8FKe7Y7O0PKI6oC_sdA==
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 11:55:19	Name: muc Value: 5132b8fa-b8d2-4e00-a87a-dd23e09de808
.facebook.com/	1970-01-20 04:34:40	Name: fr Value: 0mjWxVqxotqyrwHSm..BiXaaL...1.0.BiXaaL.
.windowscentral.com/	1970-01-20 19:56:16	Name: _ga Value: GA1.2.1338041605.1650304652
.windowscentral.com/	1970-01-20 02:26:31	Name: _gid Value: GA1.2.912160996.1650304652
.www.windowscentral.com/	1970-01-20 11:10:40	Name: usprivacy Value: 1YNN
.windowscentral.com/	1970-01-20 02:25:04	Name: _gat Value: 1
.windowscentral.com/	1970-01-20 02:25:04	Name: _gat_global Value: 1
.servebom.com/	1970-01-20 11:10:40	Name: u Value: 8FD44CA0F32F459E964AEE176594A5E5
www.windowscentral.com/	1970-01-20 04:11:52	Name: h_id Value: 8FD44CA0F32F459E964AEE176594A5E5
www.windowscentral.com/	1970-01-20 02:25:06	Name: _tb_sess_r Value: https%3A//t.co/
www.windowscentral.com/	1970-01-20 02:25:06	Name: _tb_t_ppg Value: https%3A//www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware
.windowscentral.com/	1970-01-20 02:25:06	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.windowscentral.com/microsoft-says-windows-under-attack-chinese-threat-actors-using-stealth-malware%22%2C%22sref%22:%22https://t.co/%22%2C%22sts%22:1650304652415%2C%22slts%22:0}
.windowscentral.com/	1970-01-20 11:54:28	Name: _parsely_visitor Value: {%22id%22:%22pid=29fc37ec5786319fedd890613fe99121%22%2C%22session_count%22:1%2C%22last_session_ts%22:1650304652415}
uk-script.dotmetrics.net/	1970-01-20 02:35:09	Name: AWSALBCORS Value: XvJWiloMsZ7yrHzcqvuM5kUGT6j2Qm19yZVjRJ0TBKDMckFl7Uq4Xw6ztgLFKPvnHyNwfEGsCJAI1iR+jsqO2oyeIUBItd6W9n2m3AgQrnG+QjozNZ3xxAKnb4hR
.dotmetrics.net/	1970-01-20 11:10:40	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 11:10:40	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=e71e1df7-61cc-43bf-9ab8-bd3e555cc0ad&Created=04/18/2022 17:57:32&UserMode=0&guid=30201a7a-c5d1-47ac-a8f1-89b7dd5629bf&ver=1
.gumgum.com/	1970-01-20 11:10:40	Name: cs Value: true
.gumgum.com/	1970-01-20 03:08:16	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm-DLEfuWxE5ngEX7RFPf0ICryGo0tYTzsjZLCzzxDzpl5Tjkz6rKz9X
.gumgum.com/	1970-01-20 11:10:40	Name: vst Value: e_9d5a8874-d69a-4a6c-9477-d2484eb313cb
.scorecardresearch.com/	1970-01-20 19:41:52	Name: UID Value: 1D5b505129472f99aee06041650304652
.cpx.to/	1970-01-20 11:10:40	Name: cpSess Value: 2542511ae5b6b27c
.adnxs.com/	1970-01-20 04:34:40	Name: uuid2 Value: 3034105167916977054
.doubleclick.net/	1970-01-20 11:46:40	Name: IDE Value: AHWqTUn9Kc69uiGMhzY9uN6ID51s1fqofVGFgTXGqjiWXY1124fnJ-uLTZhCETG4WPs
.id5-sync.com/	1970-01-20 02:25:04	Name: cf Value:
.id5-sync.com/	1970-01-20 02:25:04	Name: cip Value:
.id5-sync.com/	1970-01-20 02:25:04	Name: cnac Value:
.id5-sync.com/	1970-01-20 02:25:04	Name: car Value:
.id5-sync.com/	1970-01-20 02:25:04	Name: gdpr Value:
.id5-sync.com/	1970-01-20 02:25:04	Name: callback Value:
.adsrvr.org/	1970-01-20 11:10:40	Name: TDID Value: 63d3771c-222e-4fd3-97bb-8dc4e2b48710
.cpx.to/	1970-01-20 11:10:40	Name: dsp_dbm Value: CAESEC09SWs9AiPzwEPxzGjqcfI#1650304652675
.adsrvr.org/	1970-01-20 11:10:40	Name: TDCPM Value: CAEYBSABKAIyCwio5djP9NvQOhAFOAE.
.cpx.to/	1970-01-20 11:10:40	Name: dsp_app_nexus Value: 3034105167916977054#1650304652719
.cpx.to/	1970-01-20 11:10:40	Name: dsp_TTD Value: 63d3771c-222e-4fd3-97bb-8dc4e2b48710#1650304652749
.smartadserver.com/	1970-01-20 11:53:52	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 11:53:52	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.smartadserver.com/	1970-01-20 11:53:52	Name: pid Value: 4462781117491967240
.pubmatic.com/	1970-01-20 04:34:40	Name: KTPCACOOKIE Value: true
.pubmatic.com/	1970-01-20 04:34:40	Name: KADUSERCOOKIE Value: B196D5AD-F18E-4F8C-8BA3-945CF0E41540
.cpx.to/	1970-01-20 11:10:40	Name: dsp_pubmatic Value: B196D5AD-F18E-4F8C-8BA3-945CF0E41540#1650304653231
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://pool.grid-data.bidswitch.net/sync?pid=42 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
a.teads.tv
ad-delivery.net
ads.servebom.com
adservice.google.com
adservice.google.de
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
bcp.crwdcntrl.net
bordeaux.futurecdn.net
btloader.com
c2.taboola.com
cdn.parsely.com
cdn.taboola.com
cm.g.doubleclick.net
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
freyr.futurecdn.net
futureplc-com.videoplayerhub.com
g2.gumgum.com
id5-sync.com
image2.pubmatic.com
js.gumgum.com
match.adsrvr.org
ml314.com
p.cpx.to
p1.parsely.com
pool.grid-data.bidswitch.net
quantcast.mgr.consensu.org
rm-script.dotmetrics.net
rules.quantcount.com
s.cpx.to
sb.scorecardresearch.com
search-api.fie.futurecdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sommelier.futurehybrid.tech
stats.g.doubleclick.net
sync.smartadserver.com
t.co
tags.crwdcntrl.net
test.quantcast.mgr.consensu.org
token.rubiconproject.com
uk-script.dotmetrics.net
unpkg.com
use.typekit.net
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.windowscentral.com
104.244.42.5
104.36.113.107
108.128.98.123
13.225.80.85
130.211.23.194
142.250.185.194
142.250.186.162
143.204.101.50
151.101.129.44
151.101.130.114
151.101.193.44
151.139.128.11
18.64.87.36
18.66.2.26
18.66.97.8
185.33.221.52
185.86.139.57
2.18.232.7
2600:9000:225a:c00:9:46dc:4700:93a1
2600:9000:225f:3400:d:5ce3:a4c0:93a1
2600:9000:238d:4e00:3:a4cd:8380:93a1
2600:9000:2491:3600:6:44e3:f8c0:93a1
2606:4700:20::681a:78b
2606:4700:20::ac43:4513
2606:4700:20::ac43:4acf
2606:4700::6810:7daf
2606:4700::6812:451
2606:4700::6812:bd37
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:400c:c0c::9a
2a02:26f0:f7::5c7b:e053
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.92.52
3.33.220.150
34.111.234.236
34.194.161.83
35.211.144.1
51.195.5.234
52.215.1.116
52.50.139.7
54.220.157.118
63.32.132.64
69.173.144.165
99.86.7.79
00f51b719a573dfa2938413394e4b37664f52cb517a443b422d3bb2d4b2c7586
00f7d628d0c49b1b0d512c3c56d16cc8d0ac222e7437efea750b584083c053dd
067edf7df83e78af3ad8bd0b56325be772f837a5f9cb1f3c2d8a0f3d29da7f11
0bd4246cc88ea9a0f90dc318e0ff3c42b4ab6da779c6557f00ca1d5d404408fa
0df08e3ece6f39b3ab5126853be9ebe1219123e742136dec9d153452d5aa1159
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f507045398a529b76fa0de28f329699590b881503633f2cea95a87013359da6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b6fd7add250b3e434d5a9c18270214db91b8c87ad8550eb77aff2780fdd5ff
17077ffaf689a4f07028a1d15ea2a54fd4189707578ed0b3acdfdda59aa0362d
1b4c22fb31bd965bc428138e49e4771d006b018b88237f9900ab3d35b2b5ad6b
1b9c957f00c749468844c08b973dc98f8cd6302fc2aa4c9f6380f84d6bcc21a3
1cf5396993e4b7b8e74c4bd348756f51104cc01ce20b5f7a193a45ec47574c63
1e29efc65ac0c1ae65a7a773507beb076bc946c0ffaade21298d1302cfa15901
25db43cdbafdfcb1e932d48d691a87835d88e898ef6817da85dba40cd3f7b2dc
26b19b50b1459f5c81dafdb46a5b5ec3930f77c1ce9f49df144351ced50f1256
2f03b278147f8f0bbfd56ebe73d183470ec71d18512c2d24bea55212bbe724e1
303b24f8da43f3f0e5f597e9cfb5fa670ab9ae8e315ab3259a630aaf3bac06c2
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
45b6640b10629fe0dcec64d3031726d9841d5504280f8be01f2d5ca2f31f5cdd
464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028
47574b2437bb834db5f02f5c5e4952fe1a2b6313348dd6cfbcecfaa579f704d6
47ee7c770102f566fd1b43746cb510d4beeac6838428d8e73c108ad34a942e62
5193e47e28655d2fc5b3dfc953deb76a214496204d95866998ddcd24f1700544
52ff2a623c77412b9c7f27ee7d24bd125b1e3dd37450c45fe373e0627824b9ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577c6dfe3ebcb5435b28de78f9112774f8910e67e889aad87895daf6cd1a9f44
5d46dc72a7e91646d4867cd6689a12be02c5f9a56ad79795b8b95eca258e6e4f
5fc82d3fd2e62e9152b6dc727bc336fcba6f894cf835c6d6938e26c83ec4f7b0
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c21173e97cdde5579f5144813a24b7e406ad2a6a483da2cd18b864a8d2ecc40
6f200bcf9261646775132617515f713dadddbc35b310b94026892463adda7dd1
6f27ead86675e282e4ab4bb981cede9beab7ab1d2e849e42643654cca896c1e9
74d4fe26abff96aadb849dea507e94f1d944bfb805ef7e410b5024dea3f6ba44
75d893335a1d25db1bf02e25ab904d97a3af743128850d8566b93d197e56e9e9
77b95b2909fa96f94fd4f06410eabaf20e5174eb629b4bd567a827dc400e2f63
7fd77c2a1954dc2b757a6b8245a264a0422a70161f9566d997bac242f47d5bbc
87a05e266719cffcabe1f5b046d7e6c0b095a2f35723e3d00b41d001b5b02ff0
8bb75d5045112e96f213b110ad294dc8ff2b1607445c02e3cfbfd35fed8bfff3
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8e4f5f3bc3d6c472382dc6ae414a1d2558fc9fd1fe4ec4c7ae7d3adc8957d438
923590a665c884affc3b51c0948afa97b0e0b65724104ad1634915a3105f3b67
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9379485b510d404dc953c886c69acc421789b085804b6148d2f30be9f8ff0880
94fe2acdde59c996a475902afadf127e555e25fb6aae6f8f93914b318de3e19d
9dc039d6499f245fa5df5ef87eec8135ef1afddd555566042560c89dc61b1d0a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad1cd9c9fd8f0eb0c9e41a7683654a834d6da5e3ba132f70096b7929e79eb298
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed98a9e46eb03e8f84c07f12241c32a436c87ebf56fc65d7d5ec14ae4f98bf4
b1371d0f926a79debf9bb4be641ae6600ad41e6b27b6cc007f9ec30257160ed0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25590ed0eb80f9d4324448b2f2be99e6b7c73affaaed9625d1643826fe218c1
b8354647b68c85bdd1b5be2b760db050033407a99a8ff951f9ae6fbde2763da0
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c19896ac0a9f3d1f75b8dea30ed6dee1114b31efa7b0045a30b043152be802bb
c1c9d79d4c1f7434241f585d6cda795673e9a883999631e6889c46d6e01681b1
c84a5b9e09825082ba7b583fddf8abca5efbdd05eb7beb7d9e2abdfcebda332c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd058e51526b3cec4f24d62da25e068dddd98f10809f5f46cde0013c006d8607
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2f14c14f8b1cc9659e849b3db6b22410b5641152120e50e5a1292d78016016c
da03f140d305f2abdf496bdd3fad9cfed87a237cf09f6a2edcec58bc5a1f044d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd23f77e0f2633a6eb7eab764d98ab21a0ae46fe92d169262b52ffefd1dcf16c
dedf0005af46ab90d7b42e76026288fc5a2ba67ce8ffae805f22e971f358c55b
e233fa437ca8020631b91098a50cf0752b2c21e79bcaf08f088150f5a10ca0ee
e30fd585b3bc0653779f162eeea77fe028930fa0bb5f3fde1706c29a0f1c3ded
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d30c76f6c4f12662e2a140e5900c3f0a68776ed72f22d3fd626d6b9b7218d2
f42e1cd6c29e600d1e67f3a4a315f29d13875e15ec3c6413eb9b4ec76929b528
fab2e6b042ec3920ace988314188075cf130ec5c8f9892bc8cddf94ac4ed7294

www.windowscentral.com Open in urlscan Pro 2606:4700::6812:bd37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

90 %HTTPS

39 %IPv6

39 Domains

52 Subdomains

45 IPs

6 Countries

1643 kBTransfer

6248 kBSize

41 Cookies

35 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.windowscentral.com Open in urlscan Pro
2606:4700::6812:bd37 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

90 %
HTTPS

39 %
IPv6

39
Domains

52
Subdomains

45
IPs

6
Countries

1643 kB
Transfer

6248 kB
Size

41
Cookies

93 HTTP transactions
0 data transactions