www.zdnet.com Open in urlscan Pro
2.18.233.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Effective URL:
https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Submission: On September 13 via manual (September 13th 2019, 2:44:01 am UTC) from IN

Summary HTTP 372 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 55 domains to perform 372 HTTP transactions. The main IP is 2.18.233.143, located in Ascension Island and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.zdnet.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 23rd 2019. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2.18.233.143 2.18.233.143	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
47	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY - Fastly)
19	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY - Fastly)
1	184.30.221.201 184.30.221.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	104.111.214.229 104.111.214.229	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
37	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.253.127 13.35.253.127	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	3.226.5.56 3.226.5.56	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	216.58.210.6 216.58.210.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.190.38.167 35.190.38.167	15169 (GOOGLE) (GOOGLE - Google LLC)
1	46.51.201.190 46.51.201.190	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 12	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
27	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
14	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff12	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
4	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4 16	34.247.144.106 34.247.144.106	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700:20:... 2606:4700:20::6819:a222	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
9	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	64.30.230.22 64.30.230.22	6623 (CBSI-1) (CBSI-1 - CBS Interactive Inc.)
3	184.31.90.90 184.31.90.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY - Fastly)
1	2600:9000:205... 2600:9000:2057:e000:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.233.109.111 34.233.109.111	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	34.200.61.129 34.200.61.129	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	104.111.241.32 104.111.241.32	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4 4	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4 4	3.248.146.79 3.248.146.79	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 6	54.93.117.16 54.93.117.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	52.208.212.211 52.208.212.211	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2606:4700:20:... 2606:4700:20::6819:a322	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	52.49.176.73 52.49.176.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.77.236.71 54.77.236.71	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	3.212.241.161 3.212.241.161	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
5	37.252.173.27 37.252.173.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 4	66.117.28.68 66.117.28.68	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
24	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2 2	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1 6	2.19.43.224 2.19.43.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:205... 2600:9000:2057:ba00:1d:8c8c:47c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	34.254.217.168 34.254.217.168	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.227.208.151 35.227.208.151	15169 (GOOGLE) (GOOGLE - Google LLC)
4	151.101.113.181 151.101.113.181	54113 (FASTLY) (FASTLY - Fastly)
1 1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4998:58:... 2001:4998:58:4904::7000	26101 (YAHOO-3) (YAHOO-3 - Oath Holdings Inc.)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY - Fastly)
1	35.157.160.140 35.157.160.140	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
34	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
10	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
6	35.176.50.209 35.176.50.209	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	69.173.144.153 69.173.144.153	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
10	2a00:1450:401... 2a00:1450:4018:802::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
372	60

6 2.18.233.143 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-143.deploy.static.akamaitechnologies.com

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a04:4e42:3::444 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.221.201 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-221-201.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.214.229 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-229.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd307.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5f651e70.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-127.fra6.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.5.56 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-226-5-56.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.38.167 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 167.38.190.35.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.51.201.190 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-201-190.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff12 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

iicbsi-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.247.144.106 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:a222 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api1.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.30.230.22 (Fremont, United States)

ASN6623 (CBSI-1 - CBS Interactive Inc., US)
PTR: phx2-dw-cbsi-xw-ext-lb.cnet.com

dw.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.90.90 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-90.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e000:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.109.111 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-233-109-111.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.61.129 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-200-61-129.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.241.32 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-241-32.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.72.21 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.201 (Ascension Island) 4 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.248.146.79 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-146-79.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.93.117.16 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-117-16.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.212.211 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi2.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:a322 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.176.73 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.236.71 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com

cbsi.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.212.241.161 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-212-241-161.compute-1.amazonaws.com

saa.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.27 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.117.28.68 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.28.86 (United States) 2 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.43.224 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ba00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cdn-magiclinks.trackonomics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.217.168 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-254-217-168.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.208.151 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 151.208.227.35.bc.googleusercontent.com

web-sdk.urbanairship.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.113.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:58:4904::7000 (United States)

ASN26101 (YAHOO-3 - Oath Holdings Inc., US)

ad.yieldmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

zdnet-1.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.160.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-160-140.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.176.50.209 (London, United Kingdom)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.153 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4018:802::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	cbsistatic.com zdnet1.cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com zdnet4.cbsistatic.com	1005 KB
35	doubleclick.net 2 redirects ad.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	376 KB
24	taboola.com cdn.taboola.com trc.taboola.com images.taboola.com	396 KB
21	moatads.com z.moatads.com geo.moatads.com px.moatads.com	1 MB
19	moatpixel.com cbsdfp5832910442.s.moatpixel.com	8 KB
19	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com	53 KB
19	googletagservices.com www.googletagservices.com	500 KB
18	googlesyndication.com tpc.googlesyndication.com Failed pagead2.googlesyndication.com	760 KB
18	ml314.com 4 redirects ml314.com in.ml314.com	32 KB
14	tiqcdn.com tags.tiqcdn.com	89 KB
11	gstatic.com csi.gstatic.com fonts.gstatic.com	14 KB
9	lightboxcdn.com www.lightboxcdn.com api1.lightboxcdn.com	160 KB
8	cbsi.com dw.cbsi.com saa.cbsi.com rev.cbsi.com	14 KB
8	viglink.com cdn.viglink.com api.viglink.com	57 KB
7	google.com 1 redirects adservice.google.com www.google.com	1 KB
7	google.de adservice.google.de www.google.de	1 KB
6	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
6	everesttech.net 3 redirects pixel.everesttech.net cm.everesttech.net	3 KB
6	demdex.net 1 redirects dpm.demdex.net cbsi.demdex.net	4 KB
6	eyeota.net 4 redirects ps.eyeota.net	3 KB
6	zdnet.com www.zdnet.com urs.zdnet.com	194 KB
5	adnxs.com secure.adnxs.com	6 KB
4	perfectmarket.com widget.perfectmarket.com	94 KB
4	crwdcntrl.net 4 redirects sync.crwdcntrl.net	3 KB
4	mathtag.com 4 redirects pixel.mathtag.com	3 KB
4	rlcdn.com 4 redirects idsync.rlcdn.com	1 KB
3	facebook.net connect.facebook.net	119 KB
3	everestjs.net www.everestjs.net	8 KB
3	tru.am tru.am beacon.tru.am	14 KB
3	go-mpulse.net c.go-mpulse.net	57 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	facebook.com www.facebook.com	311 B
2	disqus.com zdnet-1.disqus.com	2 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	851 B
2	casalemedia.com as-sec.casalemedia.com	1 KB
2	akstat.io 684dd307.akstat.io 5f651e70.akstat.io	708 B
2	bluekai.com 2 redirects tags.bluekai.com	2 KB
2	betrad.com l.betrad.com	240 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	googleapis.com fonts.googleapis.com	442 B
1	summerhamster.com www.summerhamster.com	181 B
1	yieldmanager.com ad.yieldmanager.com	341 B
1	googleadservices.com 1 redirects www.googleadservices.com	548 B
1	urbanairship.com web-sdk.urbanairship.com	17 KB
1	qualtrics.com zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	15 KB
1	trackonomics.net cdn-magiclinks.trackonomics.net	18 KB
1	azurewebsites.net lightboxapi2.azurewebsites.net	386 B
1	chartbeat.net ping.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	akamaihd.net iicbsi-a.akamaihd.net	272 B
1	adsrvr.org match.adsrvr.org	536 B
1	sharethrough.com native.sharethrough.com	117 KB
1	indexww.com js-sec.indexww.com	26 KB
1	evidon.com c.evidon.com	431 B
372	55

	Domain	Requested by
27	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.zdnet.com
19	cbsdfp5832910442.s.moatpixel.com
19	www.googletagservices.com	www.zdnet.com securepubads.g.doubleclick.net rev.cbsi.com pagead2.googlesyndication.com
19	zdnet4.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
19	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
18	pagead2.googlesyndication.com	optimized-by.rubiconproject.com pagead2.googlesyndication.com
16	images.taboola.com	z.moatads.com
16	ml314.com	4 redirects tags.tiqcdn.com ml314.com www.zdnet.com z.moatads.com
15	zdnet2.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
14	tags.tiqcdn.com	zdnet2.cbsistatic.com tags.tiqcdn.com
13	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
11	z.moatads.com	securepubads.g.doubleclick.net
10	csi.gstatic.com	securepubads.g.doubleclick.net
8	www.lightboxcdn.com	www.zdnet.com www.lightboxcdn.com
6	geo.moatads.com	z.moatads.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
6	sb.scorecardresearch.com	1 redirects tags.tiqcdn.com cdn.taboola.com widget.perfectmarket.com
6	ps.eyeota.net	4 redirects www.zdnet.com
6	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
6	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
5	optimized-by.rubiconproject.com	ads.rubiconproject.com
5	ads.rubiconproject.com	www.zdnet.com
5	secure.adnxs.com	js-sec.indexww.com
5	www.zdnet.com	zdnet3.cbsistatic.com
4	trc.taboola.com	cdn.taboola.com
4	eus.rubiconproject.com	www.zdnet.com
4	px.moatads.com
4	beacon-eu2.rubiconproject.com	www.zdnet.com
4	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
4	cdn.taboola.com	zdnet2.cbsistatic.com cdn.taboola.com
4	pixel.everesttech.net	1 redirects
4	api.viglink.com	cdn.viglink.com
4	dpm.demdex.net	1 redirects www.zdnet.com tags.tiqcdn.com
4	sync.crwdcntrl.net	4 redirects
4	pixel.mathtag.com	4 redirects
4	idsync.rlcdn.com	4 redirects
4	dw.cbsi.com	tags.tiqcdn.com www.zdnet.com
4	cdn.viglink.com	tags.tiqcdn.com www.zdnet.com
3	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
3	saa.cbsi.com	tags.tiqcdn.com
3	www.everestjs.net	tags.tiqcdn.com www.everestjs.net
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
2	www.google-analytics.com	widget.perfectmarket.com
2	www.facebook.com	connect.facebook.net
2	zdnet-1.disqus.com	zdnet2.cbsistatic.com zdnet-1.disqus.com
2	secure-us.imrworldwide.com	1 redirects
2	cm.everesttech.net	2 redirects
2	as-sec.casalemedia.com	js-sec.indexww.com
2	cbsi.demdex.net	tags.tiqcdn.com
2	tags.bluekai.com	2 redirects
2	in.ml314.com	ml314.com
2	tru.am	tags.tiqcdn.com tru.am
2	l.betrad.com	www.zdnet.com
1	fonts.gstatic.com	www.lightboxcdn.com
1	cdn.jsdelivr.net	www.lightboxcdn.com
1	fonts.googleapis.com	www.lightboxcdn.com
1	secure-assets.rubiconproject.com	www.zdnet.com
1	rev.cbsi.com	www.zdnet.com
1	5f651e70.akstat.io	c.go-mpulse.net
1	www.summerhamster.com
1	ad.yieldmanager.com
1	www.google.de
1	www.google.com	1 redirects
1	www.googleadservices.com	1 redirects
1	web-sdk.urbanairship.com	zdnet3.cbsistatic.com
1	zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com	tags.tiqcdn.com
1	cdn-magiclinks.trackonomics.net	tags.tiqcdn.com
1	cm.g.doubleclick.net	1 redirects
1	684dd307.akstat.io	zdnet1.cbsistatic.com
1	beacon.tru.am	tru.am
1	api1.lightboxcdn.com	www.lightboxcdn.com
1	lightboxapi2.azurewebsites.net	www.lightboxcdn.com
1	ping.chartbeat.net	www.zdnet.com
1	static.chartbeat.com	zdnet2.cbsistatic.com
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	iicbsi-a.akamaihd.net	tags.tiqcdn.com
1	match.adsrvr.org	js-sec.indexww.com
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	ad.doubleclick.net	www.zdnet.com
1	native.sharethrough.com	www.zdnet.com
1	js-sec.indexww.com	www.zdnet.com
1	c.evidon.com	www.zdnet.com
0	tpc.googlesyndication.com Failed	securepubads.g.doubleclick.net
372	83

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
simjacker.com
en.wikipedia.org
www.pcworld.com
blog.m-sec.net
www.youtube.com
www.cnet.com
popup.taboola.com
trf.greatviews.de
t1.tkzio.com
om.elvenar.com
sarawaktourism.com
www.mdm.de
marketing.net.brillen.de
www.aroundhome.de
www.gruener-fisher.de
cbsi.force.com
www.cbsinteractive.com
cbsi.secure.force.com
cbslnk.cbsileads.com
www.facebook.com
twitter.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
academy.zdnet.com

Subject Issuer	Validity	Valid
www.cbs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-07-22`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2019-04-16` - `2020-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.sharethrough.com Go Daddy Secure Certificate Authority - G2	`2018-09-18` - `2019-11-17`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2017-12-12` - `2020-12-15`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
ssl418259.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.ml314.com Amazon	`2019-03-16` - `2020-04-16`	a year	crt.sh
ssl389962.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-11` - `2020-03-19`	6 months	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
*.cbsi.com DigiCert SHA2 High Assurance Server CA	`2017-11-07` - `2021-02-04`	3 years	crt.sh
www.everestjs.net DigiCert SHA2 Secure Server CA	`2018-10-15` - `2020-10-15`	2 years	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2019-07-11` - `2019-10-09`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.azurewebsites.net DigiCert SHA2 Secure Server CA	`2019-07-22` - `2021-07-22`	2 years	crt.sh
viglink.com Amazon	`2019-02-09` - `2020-03-09`	a year	crt.sh
saa.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-06-23` - `2020-09-25`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.everesttech.net DigiCert SHA2 Secure Server CA	`2017-04-13` - `2020-04-17`	3 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.trackonomics.net Go Daddy Secure Certificate Authority - G2	`2018-12-22` - `2020-02-20`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
*.urbanairship.com DigiCert ECC Secure Server CA	`2018-06-20` - `2020-06-24`	2 years	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-06-27` - `2019-12-24`	6 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
*.summerhamster.com Let's Encrypt Authority X3	`2019-07-23` - `2019-10-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-06` - `2019-10-13`	6 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Frame ID: 3FB29E00064C89151EEB7108F1B51683
Requests: 236 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: B1ECE44184C048440DCA87D700A1413C
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568342624561&lv=1
Frame ID: 84D80DA9A6F6024B76F1ACFE6ECB55C3
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637039077227986622
Frame ID: 5E0211E4223EBF8A5E6616461FF8AC82
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 2F1E3EF65EE13F7CF34B55A82EB20BA9
Requests: 1 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: F09A55347A506BCFA3B707BF7F074E46
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=0
Frame ID: 8FFBD9949404707A856D0186C0BBC6E4
Requests: 1 HTTP requests in this frame

Frame: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
Frame ID: 6F5AC6E4C27ED9EBAF6F477A897A212A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJGXLz4YqSWAP_0qbBMeKci3QKRVnZDvJWpXAl1X7tJeTPrZpoxRMsPZHbhhaXozICZJjII717_peKco6dYxji1s0sI7OWulwy922hp8F-VWBSRSD4UuBDlOQv1bDoKt5Gz30E3jQPcVxfofnI2w6JlKh9Dmt5JWeiBwJh9F2ayx4wzdW95J8fxBrnQBGJlvndnTC_qwBbr1wbm9YNLTQ5ndqwwCtxcvlKybSuuPIKKyOlcH4MmsKihYjefqaJJ287v1mi0541&sig=Cg0ArKJSzH0E5oAD_CTkEAE&urlfix=1&adurl=
Frame ID: 719719A774383053EB9A33970B87084F
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOKITodHpwJV8lTgg5llYB4rzY5VvQBolJ5akLAg22n7Fd7pczz7A5XC8iz5gpdWB3EcoPjlP85Lg2JMGsq6EPGtfah1o8nCpq1ec-cOQN4JYgGvbnuVtip_Wy4r0z5bnayWwzcYPJiC-SwS0D8x47mRhbfS44_Kxm7WPepwNyexHjtzp8huw5ZPQKK6kpqYv0EKmY96_qfcHLm0JkuLgwoXzux49K-_6uNlhlSqNOE_Y5nzuq3Sajepvh0-DJf37TI5o&sig=Cg0ArKJSzCEnINXSn8hBEAE&urlfix=1&adurl=
Frame ID: 5FF1A13B91410B1E941053FBB3726188
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqw1hhJpwOBcl8KjxURKGVphybNB7Sr4mZdA_2IaLGPWDe0wQYz0qJsGQJ9YwGxRwtvDm3Xbm9W_Cnzn7sngzvfmDXXSiVI7feskro0IrBDGGtdH9rAAc9GOdgM1PVcp9Jufw_cpHJtoiaZmzo6d0Ssf92dtAQTMENbiD-rMyYNEJXNt25BQVNCH5g7Bsg4jOU-669eBlD6iRFaitl98p_4PAMBfyj392mlvDq66-t1OfcAeY16y8EdWirLDUPQuxHttA&sig=Cg0ArKJSzD0uD99OsIJ0EAE&urlfix=1&adurl=
Frame ID: 4F3DE6A1105932C65960C0DAC01FA640
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRDbz2Z4wTIyhOijReRc9vVNZw7pyqd7b3n_CBT2V6vMnEdlqMDW-XOaMt4KHhGxG0shlGKNYdxmJgsDmIydryNhtpNlL414TLo9kWkT1Q-mSTdAGFkO0WuBDFsAnpqNUbY8q7odzeDnR_Zn-SfmFI8kz50iHhxscMD0gHDhXz5tWEcM6ONl5kHcXm6eW1PQZmof5ErGJoqfKdFQ6EIsSAwH98QSZSi0f1KLuAUMkJlVWXn1JPLsQDuZi5xW-s21atWMQZuoLV&sig=Cg0ArKJSzGHbc0p5P3zjEAE&urlfix=1&adurl=
Frame ID: 3075A11FCD5C8CD1FEF4145708504AAD
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIvzLXbN_PWzWVPVDgG8x7fUEXUiKQWLKRsRVChPM2Fn4WrqU1P-MzRx9QOaf0UpP-aMDFdhInjFBP2OiE_LCkY-pRuwHnPZ7Tq5NIuKKuLG1q7n3hlixq4aHICpZYvsb8ezMfQFH76_Lg5cmR_XyFcfwrpU7cHifnNzAwpiEKnIaUMJQ_Bo_PbIwV3glsyy1HXgdeAMbnZpuI-F60iN7BNI7DCuaz-GFE12D06lLZz8gVOldISiuLSn70KnD3aCYYZKw&sig=Cg0ArKJSzHr0myPoJfwSEAE&urlfix=1&adurl=
Frame ID: CAEB8AE04297742C49E26C8DC1576469
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaKFfJbwmSZ6_59j9nODBKW9jdwaskYMP3W6vuG3_PprgoybqO2FIwtGGJbDfj31e_MZR0679OOR6NtUjrOAkO5BfvP2ZYgYYR2McDBCIEYSs3UY5wgv_VoTSgknco4vcPDoExFto7hLMAI5uGJVwl0YOYrUuJfQwEtVMzHb1dUExoqGvZAPK1SVIy9UQQOxivFSBk66d-LpPZ3S-eVi1vHogMhNQm2wyMV3TuUnu4FWEz1jjovn11JSRPVMmKTo7grLo&sig=Cg0ArKJSzFW2wLV7aypaEAE&urlfix=1&adurl=
Frame ID: 57E73E2E32C1EE8DF3AC21A62DBA422D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkEtGiquCL6sYUmpSBybLbmZwWIbeae3xERFQjNRGMZbc3O0b2jB6g4AUFuyT-psE-HuyKSeJSJL3jLvtn0iJXlAqAnGcTLqCJ8Jg9zmbT0GEsGpQZmopKPZ3IB27ZhhOfwUMQi2lLIC2r9ff8v0UkZ-EVuCurCUnIl6gd89InbpBzoaXDXIh9keGpaBmBv1y4o0WnWR3lUng0bdAixz_NPqp9OGbHt-AY7CR-YnIEyuuetnqipiniiM8E7YC5TtPTYjEWIu0I&sig=Cg0ArKJSzD-rGvsevFONEAE&urlfix=1&adurl=
Frame ID: 8905E2C96A4D6FC3BDE5C2F67FA22934
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKb7Fy3423z9nhSVnJN1NxigQZzlEjJQiKcEQTgjKnWyp4Dh9P6zNudMH_pYcGrP03bUvc2YfaNOs1Jam2WYjV7odobBTE4Nf3w_sz8tx7uSENDeSCp6vpRAWlBlpYy-RjJhWq7swNEMKn081vJGvsDvT_DorXO6OIcXIbNMQcVVFAOdRrewUWHBbzETSRdVDF8szdQutLD3UFki4L07GSzZjKFObYpHt-AqWCNgOkRMWGEJayg_ixTI9VH99eoUqggJk&sig=Cg0ArKJSzNVHx3ZoRFeaEAE&urlfix=1&adurl=
Frame ID: 9807D9CEE7D136CEF4C779CD21527B2D
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbOGWRLrj6teRRvdKJ9mjgzNp6FJ7KUKCisD71ItKi_TivRKkvg0Tzshx69KJz3QQR4RiQ7QHZwvoUNTxNbNHx-Jbe5gpzzyGY4l8aupbcNb9sQ6tuyPr3l4vERY9p0Nj0QU7O_zL9F9FVbQuG74DDCTshzIjM4PRQQJARbwQqBoqSVUD2BYQ28bH1vyXCJeGwrgeoSFNdj01ZXNQuZTeydlNP1v_Y2S151nveIGsBehDSZV9_xrXI1b4955tkhw15GmB9GXkY&sig=Cg0ArKJSzI9X4ACcQkinEAE&urlfix=1&adurl=
Frame ID: 8EAE8B24A0F547A868DAB7D89B554914
Requests: 19 HTTP requests in this frame

Frame: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
Frame ID: DADC1075813A611F9857E89D4514A2EE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: C122953913EDDD16EC2636422E347446
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js
Frame ID: 93BD77E0A2081C91AA84F5F0DC05C744
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html
Frame ID: 333D9784925B208BBEC23E23FE944F43
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A459E18670825086C4E673771CA43CF4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js
Frame ID: 71AB927080C10C070E81B5E2B6BD78AF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: A4DBACF0CD0C2AA991B6AE15220BB37C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js?cache=bust
Frame ID: 4D4A9B317880FFD3D3BF11A99FD6298C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D8C98B664EB497889054D86D25845E52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js
Frame ID: 9B72284CD32012E8CE2E3EBB981445C1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: CADBE0B8AC171DF675E743D0FC7623AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=3677162154&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342626964&bpp=38&bdt=516&fdt=304&idt=305&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=2&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=762429058&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=393&biw=1585&bih=1200&isw=728&ish=90&ifk=3455273320&scr_x=0&scr_y=0&eid=21060548%2C21064506&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.f6mwf7l1i49y&fsb=1&dtd=324
Frame ID: 79C7E46ACE8BA81B65B6C66D3719A601
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=3677162153&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627005&bpp=17&bdt=547&fdt=301&idt=301&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=2041868166&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=513&biw=1585&bih=1200&isw=300&ish=250&ifk=2236649575&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.c4f1wy5xp0kw&fsb=1&dtd=306
Frame ID: 857523BB0AC87A197D042E56F48247A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=2269224024&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627023&bpp=15&bdt=512&fdt=299&idt=299&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=983154670&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=1473&biw=1585&bih=1200&isw=300&ish=250&ifk=3689125805&scr_x=0&scr_y=0&eid=20040008&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.1n89if653jet&fsb=1&dtd=311
Frame ID: 98F5E3A862E77391C269FF3A00D376EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=2269224029&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627039&bpp=23&bdt=507&fdt=324&idt=324&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=1681919322&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=6640&biw=1585&bih=1200&isw=728&ish=90&ifk=2200508717&scr_x=0&scr_y=0&eid=21064381&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.g08yl44mf2zl&fsb=1&dtd=332
Frame ID: 0C8253E4EE70CCEB3891636A930763FD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKkLvfxkZl5SyeUTKhIvpm_i0yKIUZocatMGGUm91-9D9hc5ddNBaD6Rm1HQ7xWX7y7xk6U40T_1YQUy6Xwqm577mztS9y7I4euzJa2-LiLgqJfUzhk3FQsCImYGOwirpv41qcQjvE5Yf0GPfU2SoJjBK7LINFqzuNuE0qaQE0FIucyoNk_b7fLD41rUjl9s3YCQr7Gnq_ZCk4PMsLgSCnQCfbmXvEdjEJU7TCk97k1mPfKrDFqa1IPaeDhzCUyWSDT3Nt0t6c&sig=Cg0ArKJSzFn5V3ELZaB9EAE&urlfix=1&adurl=
Frame ID: 704DD930608958D2138E38988F9E024E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN3AmlvnkB87OyN8Pe2NwH5Q3glGkC2DMiBXKMpeIGyQexmFRKFCgCOOn_Ms2hSM1CFyUxjRlt9MQHDrNIBfvS2VKdRd2NEsmRlBh9ohoQ8VpIyR8_t9BYUJLLTH6hIOhAh7Jfiz9iBgd6vg0c74rCHqtjPfKkylU91cTK4qFGygJU6qMFCgEbrfbCKw4Y-HNurMxlMKvyfL6JhEJ2Wnp-Envd6Axtc4n0GH69skGMuklh_kFJzXflDzErh83el5E5c8-rAoap&sig=Cg0ArKJSzBx0YKhZVAsUEAE&urlfix=1&adurl=
Frame ID: 50B4BE7C252E2E54B6A3C060DDCA92AF
Requests: 3 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637039077227986622
Frame ID: A279EB7A771FBC5AA1D73BBEFE773941
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-lea... HTTP 307
https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-lea... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

372
Requests

99 %
HTTPS

33 %
IPv6

55
Domains

83
Subdomains

60
IPs

6
Countries

5613 kB
Transfer

16247 kB
Size

30
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/10-dangerous-app-vulnerabilities-to-watch-out-for-free-pdf/?ftag=CMG-01-10aaa1b
Title: 10 dangerous app vulnerabilities to watch out for (free PDF)

Search URL Search Domain Scan URL

URL: https://simjacker.com/
Title: in a report released today

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/SIM_Application_Toolkit
Title: SIM Toolkit (STK)

Search URL Search Domain Scan URL

URL: https://www.pcworld.com/article/246528/remote_sms_attack_can_force_mobile_phones_to_send_premiumrate_text_messages.html
Title: 1

Search URL Search Domain Scan URL

URL: http://blog.m-sec.net/2011/sim-toolkit-attack/
Title: 2

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=IoP-L6jSEcU
Title: How AI is used for facial recognition in surveillance cameras (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/news/the-best-diy-home-security-systems-of-2019/?ftag=CMG-01-10aaa1b
Title: The best DIY home security systems of 2019 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/how-to-prevent-a-corporate-account-takeover/?ftag=CMG-01-10aaa1b
Title: How to prevent a Corporate Account Takeover (TechRepublic)

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cbsinteractive-zdnet&utm_medium=referral&utm_content=alternating-thumbnails-a:ZDNETarticleDesktop/Tablet-Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://trf.greatviews.de/cl?m315=c&q=UuUhGp3Jm7uQbNkxXx5Lkkjg&pscode=01_100_42648_1020_2187_0007_00_AFsite_cbsinteractive-zdnet_cid_209251377ID_GV00ID
Title: Parship

Search URL Search Domain Scan URL

URL: http://t1.tkzio.com/79486565-9dc3-4cb9-a5d2-386e839879ee?site=cbsinteractive-zdnet&title=So+viel+sollte+ein+neues+H%C3%B6rger%C3%A4t+wirklich+kosten&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa037148b1ca3de50f4e272c9c54ba82d.png&campaign=DE_HearTech_Desktop_V1&utm_content=274742312&conversionname=HearingAidConversion&click_id=CjA1NWYxMzVhMi0zYTNlLTRlNjMtYTUzZi1iYzA0NDAzNDI0MDctdHVjdDQ3NDg3ZTMSGDZobWVkaWFnbWJoLXJlZmluYW5jZS1zYw
Title: HearTech

Search URL Search Domain Scan URL

URL: https://om.elvenar.com/ox/de/?ref=tab_de_dach&&external_param=41267791&pid=cbsinteractive-zdnet&bid=41267791
Title: Elvenar - Free Online Game

Search URL Search Domain Scan URL

URL: https://sarawaktourism.com/story/bizarre-wildlife-found-in-the-jungles-of-exotic-borneo/?utm_source=taboola&utm_medium=nativead&utm_campaign=vsc
Title: Sarawak Tourism

Search URL Search Domain Scan URL

URL: https://www.mdm.de/dop?sku=G_1429070113_1429080112_1429090111&wk=1832490&campaign=Dis/taboola/nkg&utm_source=taboola&utm_medium=display&utm_campaign=nkg&utm_source=taboola&utm_medium=referral
Title: MDM Deutsche Münze

Search URL Search Domain Scan URL

URL: https://marketing.net.brillen.de/ts/i4861472/tsc?amc=dis.brillende.44231.353452.134590.desktop_cid=1631708_aid=142655990&smc5=CjA1NWYxMzVhMi0zYTNlLTRlNjMtYTUzZi1iYzA0NDAzNDI0MDctdHVjdDQ3NDg3ZTMSDGJyaWxsZW5kZS1zYw&tst=!!TIMESTAMP!!
Title: brillen.de

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/immobilienverkauf/gruender/?utm_content=20190813_hausverkauf_rm_tv&prid=566&plmt=cbsinteractive-zdnet&utm_term=1039694&click_id=CjA1NWYxMzVhMi0zYTNlLTRlNjMtYTUzZi1iYzA0NDAzNDI0MDctdHVjdDQ3NDg3ZTMSH2Fyb3VuZGhvbWUtaW1tb2JpbGllbnZlcmthdWYtc2M&meco=de&utm_medium=dis_pn&utm_source=taboola&utm_campaign=immobilienverkauf-taboola-desktop-180619%7C566-dis_pn-de-5
Title: Aroundhome

Search URL Search Domain Scan URL

URL: https://www.gruener-fisher.de/anfrage-immobilienstudie-blase.html?gfi=TABRON1EI5AE05VYDNXX&utm_source=Taboola&utm_medium=referral&utm_campaign=RON_Desktop_RE&utm_term=cbsinteractive-zdnet&utm_content=Immobilienblase%3F+5+Signale%2C+die+jeder+Investor+kennen+muss.
Title: Grüner Fisher Investments eBook

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/Privacy-Policy?categories=CBS_Interactive%3AmPrivacy&template=template_mobilePrivacy&referer=mobileprivacy.com&data=&cfs=default
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/articles/FAQ/mThird-Party-Social-Networking-Services?template=template_mobilepp&referer=mobilepp.com&data=&cfs=default
Title: Video Services Policy

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=simjacker+attack+exploited+in+the+wild+to+track+users+for+at+least+two+years&assettype=content_article&topicguid=&viewguid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&docid=33165532&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fthe-4-benefits-of-vpn-elimination%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=eu&assetguid=81519379-5999-445f-9b22-a4fd17b255ab&q=&cval=33165532;2150&ttag=&bhid=
Title: The 4 Benefits of VPN Elimination

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/company/akamai/
Title: Akamai

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=simjacker+attack+exploited+in+the+wild+to+track+users+for+at+least+two+years&assettype=content_article&topicguid=&viewguid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&docid=33165277&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fmidterm-elections-2018-how-7-states-are-fighting-cybersecurity-threats-from-russia-and-other-attackers-free-pdf%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=eu&assetguid=81519379-5999-445f-9b22-a4fd17b255ab&q=&cval=33165277;2150&ttag=&bhid=
Title: Midterm elections 2018: How 7 states are fighting cybersecurity threats from Russia and other attackers (free PDF)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/company/techrepublic/
Title: TechRepublic

Search URL Search Domain Scan URL

URL: https://cbslnk.cbsileads.com/redir?edition=en&ursuid=&devicetype=desktop&pagetype=article&assettitle=simjacker+attack+exploited+in+the+wild+to+track+users+for+at+least+two+years&assettype=content_article&topicguid=&viewguid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&docid=33167549&promo=2150&ftag_cd=LGN22ef1e6&spotname=right-rail&destUrl=https%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fa-guide-for-customer-identity-and-access-management-build-vs-buy%2F%3Fpromo%3D2150%26ftag%3DLGN22ef1e6%26cval%3Dright-rail%26source%3Dzdnet&ctag=medc-right-rail&siteId=2&rsid=cnetzdnetglobalsite&sl=en&sc=eu&assetguid=81519379-5999-445f-9b22-a4fd17b255ab&q=&cval=33167549;2150&ttag=&bhid=
Title: A Guide for Customer Identity and Access Management - Build vs. Buy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/ZDNet/5953112932
Title:

Search URL Search Domain Scan URL

URL: http://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: cookie policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/ HTTP 307
https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://tags.bluekai.com/site/20486?limit=0&id=5978151496924874953&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151496924874953%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=CFdRvx9999O7D7%2B5&person_id=5978151496924874953&eid=50056

Request Chain 82

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151496924874953 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5NjkyNDg3NDk1MxAAGg0I4ITs6wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=64c0e48ef5250cf8ad4cf1b8944bad1fd51a58c8c6fc2557e91ba856ce6b7df7f4cb09cee1a4f8eb&person_id=5978151496924874953&eid=50082

Request Chain 83

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496924874953%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496924874953%26eid=50220&mm_bnc&mm_bct&UUID=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e HTTP 302
https://ml314.com/csync.ashx?fp=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e&person_id=5978151496924874953&eid=50220

Request Chain 84

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496924874953 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496924874953 HTTP 302
https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496924874953

Request Chain 85

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2BISm-B4LbrRc6DcegwkzflSPxALXnFvwyqXnfjt-pkI&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=2BISm-B4LbrRc6DcegwkzflSPxALXnFvwyqXnfjt-pkI&person_id=5978151496924874953&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

Request Chain 86

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151496924874953&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151496924874953&redir=

Request Chain 110

https://pixel.everesttech.net/4083/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
https://www.everestjs.net/static/pixel_details.html

Request Chain 135

https://cm.everesttech.net/cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WFhzQ1lRQUFCWWMxRVRuQA HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEKz2RpwjgIlLoQrA0GOtDXI&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 137

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&c9=

Request Chain 141

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=compact&rnd=1568342625827 HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=compact&rnd=1568342625827&ja=1

Request Chain 161

https://www.googleadservices.com/pagead/conversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YgJ7XZuwDdSBgQeaz7egDg&random=2088525817&sscte=1&crd=&gtd= HTTP 302
https://www.google.com/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360 HTTP 302
https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360&ipr=y

Request Chain 363

https://tags.bluekai.com/site/20486?limit=0&id=5978151496927227932&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151496927227932%26eid=50056 HTTP 302
https://ml314.com/csync.ashx?fp=shH4%2Fy9999OMD7%2B5&person_id=5978151496927227932&eid=50056

Request Chain 364

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151496927227932 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5NjkyNzIyNzkzMhAAGg0I5YTs6wUSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=&person_id=5978151496927227932&eid=50082

Request Chain 365

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496927227932%26eid=50220 HTTP 302
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496927227932%26eid=50220&mm_bnc&mm_bct&UUID=58ac5d7a-f9c1-4d00-9671-5a916a29a550 HTTP 302
https://ml314.com/csync.ashx?fp=58ac5d7a-f9c1-4d00-9671-5a916a29a550&person_id=5978151496927227932&eid=50220

Request Chain 366

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496927227932 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496927227932 HTTP 302
https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496927227932

Request Chain 367

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=24o83Qynrw-4q4BdY0t_YBkpFbHRpAm7O6wAFNZD08dw&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil HTTP 302
https://ml314.com/csync.ashx?fp=24o83Qynrw-4q4BdY0t_YBkpFbHRpAm7O6wAFNZD08dw&person_id=5978151496927227932&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil HTTP 302
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

372 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Redirect Chain

http://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

473 KB
110 KB

170ms
151ms

Document
text/html

2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2b4961c0dc85fd990d071d7cbd27dcdee4f0912a14bc9a2af5df2f06eb56d95d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
cache-control: max-age=5400, private
x-tx-id: 6694676a-9e11-436f-92bb-92dc9948328c
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
expires: Fri, 13 Sep 2019 03:08:39 GMT
last-modified: Fri, 13 Sep 2019 01:38:39 GMT
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.zdnet.com
content-type: text/html; charset=UTF-8
content-encoding: gzip
accept-ranges: bytes
content-length: 111263
date: Fri, 13 Sep 2019 02:43:43 GMT
set-cookie: fly_device=desktop; expires=Fri, 20-Sep-2019 02:43:43 GMT; path=/; domain=.zdnet.com; secure fly_geo={"countryCode": "de"}; expires=Fri, 20-Sep-2019 02:43:43 GMT; path=/; domain=.zdnet.com; secure fly_preferred_edition=eu; path=/; domain=.zdnet.com; secure fly_default_edition=eu; path=/; domain=.zdnet.com; secure
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload

Redirect headers

Location: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Non-Authoritative-Reason: HSTS

GET
H2 200 main-a8666d73c7-rev.css
zdnet1.cbsistatic.com/fly/1802-fly/css/core/ 357 KB
65 KB 33ms
6ms Stylesheet
text/css 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

1186c32d6e1164efd9ca97ef49c4e2bd0eff1c61d650bac38c3bc7d01d2b8c72

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58403
status: 200
vary: Accept-Encoding
content-length: 65687
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:12 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c54-592bc"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:19 GMT

GET
H2 200 controls-8011bb0799-rev.css
zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/ 41 KB
7 KB 35ms
6ms Stylesheet
text/css 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-8011bb0799-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a1dc62195a78ed0cfecd916f04549f453c13a90f6d8d67dfc1ce2195ccb20e33

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58403
status: 200
vary: Accept-Encoding
content-length: 6556
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:25 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c61-a561"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:19 GMT

GET
H2 200 catalin-cimpanu.jpg
zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/ 910 B
1 KB 31ms
6ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2018/08/21/a59867e9-8d75-40af-a87c-690638f8afa4/thumbnail/40x40/e9e4d21a35e101b1402c656cf979114c/catalin-cimpanu.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
x-content-type-options: nosniff
age: 5042052
status: 200
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Sep 2018 02:32:23 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:08:02 GMT

GET
H2 200 simjacker-attack.png
zdnet4.cbsistatic.com/hub/i/2019/09/12/729cfdfd-7784-460e-a37e-054d376095a0/6853500b875d4b32ff8d3ec96dbcb76f/ 28 KB
29 KB 26ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/2019/09/12/729cfdfd-7784-460e-a37e-054d376095a0/6853500b875d4b32ff8d3ec96dbcb76f/simjacker-attack.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0c12cb658ae34dbdf2e5e849a56b76b6c7713689e2604cc310e426610f58cec9

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47576
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 28900
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "169365fcecf3129b71419171602664ff"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 01-verizon.png
zdnet4.cbsistatic.com/hub/i/r/2019/06/19/6cc9e67e-fde8-4a57-93bc-12578fac2750/thumbnail/170x128/2959174e2a6917b3d1e8639c57708fd2/ 15 KB
15 KB 7ms
7ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/06/19/6cc9e67e-fde8-4a57-93bc-12578fac2750/thumbnail/170x128/2959174e2a6917b3d1e8639c57708fd2/01-verizon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9c9976c3979def37b27a2bad7ae40a18493dd4ebcc8025b3561f9684e049c283

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274998
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 15286
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "cbb35954885076becb80ddc715b63713"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 02-uber.png
zdnet3.cbsistatic.com/hub/i/r/2019/06/19/3484f3b8-ec48-44fe-9969-a677f26bd931/thumbnail/170x128/4ef46d2fb14757836fceeb4f522dbc6a/ 13 KB
12 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/06/19/3484f3b8-ec48-44fe-9969-a677f26bd931/thumbnail/170x128/4ef46d2fb14757836fceeb4f522dbc6a/02-uber.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0ab2fa9fb2d0de3bb97b0b5a23c0bfc001d31593fe74c242571c9ba5c2b376ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4174691
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 12595
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "73d4d7b15bfefa13c4a035fa16bb99ed"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 03-paypal.png
zdnet3.cbsistatic.com/hub/i/r/2019/06/20/f60c36f5-305c-4265-a49d-7018d9b99531/thumbnail/170x128/1e3bc22b865e697cb0e63b136161cc1f/ 11 KB
11 KB 11ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/06/20/f60c36f5-305c-4265-a49d-7018d9b99531/thumbnail/170x128/1e3bc22b865e697cb0e63b136161cc1f/03-paypal.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c1528ade9fc17bdb868a4529c2c54731789ad1f5c4457a54695bad196c66737f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4168402
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10838
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "0d2f28fbfb3c845930a1cba0672950b1"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 04-shopify.png
zdnet4.cbsistatic.com/hub/i/r/2019/06/20/2216eae5-b19f-4fe1-be3f-1e30c22b23ad/thumbnail/170x128/336a06f126e017c3d77a88699f013d77/ 11 KB
11 KB 31ms
27ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/06/20/2216eae5-b19f-4fe1-be3f-1e30c22b23ad/thumbnail/170x128/336a06f126e017c3d77a88699f013d77/04-shopify.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

da4cf718493f202a897e5c45d8fab79f2c58f699cfcac05c1eae987e0739a83c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1983931
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 11148
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9f1d5659d5880fb427f6e04ae500fc25"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 05-twitter.png
zdnet2.cbsistatic.com/hub/i/r/2019/06/20/ae7f1b32-6d7b-4037-bf75-1d5a4ce97fb0/thumbnail/170x128/5ffd04c1128486d78dffa8204fec5568/ 11 KB
11 KB 11ms
8ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/06/20/ae7f1b32-6d7b-4037-bf75-1d5a4ce97fb0/thumbnail/170x128/5ffd04c1128486d78dffa8204fec5568/05-twitter.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7798765928be995a2248ee8a346670e6da510bee8cdad6e357dd3b5fc6677f5c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4166958
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10846
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "daecf755df5b1d637033bb29b319c39a"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 beehive-cropped.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/05/29/0db35423-5b73-4b46-aab4-2df719c8651b/thumbnail/170x128/2c57a00a222943cd16da21b43b853171/ 6 KB
5 KB 11ms
8ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/05/29/0db35423-5b73-4b46-aab4-2df719c8651b/thumbnail/170x128/2c57a00a222943cd16da21b43b853171/beehive-cropped.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

77cbfc1b6dd1f22f70c6448c0755c40d9203ecf80c617895a9935565981d9b9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7245
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 5557
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "7d3d5bcad324d3edc08e40738e663554"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-1126779135.jpg
zdnet3.cbsistatic.com/hub/i/r/2019/09/12/ae3d7689-f726-47a3-a065-4bcf86a47de8/thumbnail/170x128/d7e1ad2dbbdba5e7ef42a636ef965963/ 10 KB
9 KB 8ms
5ms Image
image/jpeg 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/12/ae3d7689-f726-47a3-a065-4bcf86a47de8/thumbnail/170x128/d7e1ad2dbbdba5e7ef42a636ef965963/istock-1126779135.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

fe2255e2e70ac6ef64e3873fb73ed5cd8a957ca7fc00355e041069a904b6f377

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24395
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 9337
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "097fdff1eefae7180f5ec716a83dd3a3"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 msauthenticatorcloudbackup.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/09/12/a2fb9aec-b5f7-4187-9c01-dfcfa6a2452a/thumbnail/170x128/64fe69064e5a171c69ba287419dd68a9/ 4 KB
4 KB 12ms
9ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/12/a2fb9aec-b5f7-4187-9c01-dfcfa6a2452a/thumbnail/170x128/64fe69064e5a171c69ba287419dd68a9/msauthenticatorcloudbackup.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ab5d41a2e1ab58cb21919cc930f8f4840f44196bff32c1c14962b9ba8f2015f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25321
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4439
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "80c94c09453dfe07681fde78e769353f"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sandboxie.png
zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/170x128/c17e684e4a3c8901b42fab28acb5e1e8/ 15 KB
15 KB 22ms
19ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/170x128/c17e684e4a3c8901b42fab28acb5e1e8/sandboxie.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af7846155cf04065544b824a60dbc66f1adb852b1c120fce18ebab9b1b33c185

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26549
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 15289
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f02b3153b7cd94c63d06aca54cb1e6e6"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-958122884.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/06/24/8979a44d-c4ff-4b71-98c9-47077920c3d0/thumbnail/170x128/37b1394b3d94e1ba01a50cb76c65755c/ 10 KB
9 KB 12ms
10ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/06/24/8979a44d-c4ff-4b71-98c9-47077920c3d0/thumbnail/170x128/37b1394b3d94e1ba01a50cb76c65755c/istock-958122884.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

917cf9c26937a1463b36e8f38119a6448c29b5f04c4044e10e6900136a77ec89

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31394
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 9289
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e64c9ec33f19c7de745bd6b6d1a7a86e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-10-at-14-35-47.png
zdnet1.cbsistatic.com/hub/i/r/2019/09/10/e61adeda-14eb-4a1f-80f7-e43430c6c28d/thumbnail/170x128/640dbe74705d0d7591a41acff8673ff2/ 41 KB
41 KB 9ms
7ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/10/e61adeda-14eb-4a1f-80f7-e43430c6c28d/thumbnail/170x128/640dbe74705d0d7591a41acff8673ff2/screenshot-2019-09-10-at-14-35-47.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a7a95f26e699ec6c560ebffb24aa05d95d1691c07a1222299d65c60f4af96761

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38589
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 41647
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a7e3a8dde26508f6ace8f51f4634197b"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-12-at-14-09-12.png
zdnet1.cbsistatic.com/hub/i/r/2019/09/12/cba13830-f8c9-4cc3-a4ba-c44f69e95aa5/thumbnail/170x128/586db8eaa699d459528cf5c5a7d230ef/ 38 KB
38 KB 9ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/09/12/cba13830-f8c9-4cc3-a4ba-c44f69e95aa5/thumbnail/170x128/586db8eaa699d459528cf5c5a7d230ef/screenshot-2019-09-12-at-14-09-12.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8c774fc6dc04700209e0a86246303eae26279cb59d9e85235d34450db1382aa1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44274
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 38653
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9be4d22ce19d25b5e31f97d0a69d7d0a"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2019-09-12-at-11-56-05.png
zdnet4.cbsistatic.com/hub/i/r/2019/09/12/531ebc14-472e-499e-b17d-6445f94ac599/thumbnail/170x128/7d0d68a706be0cbdaa27fea2e2290ed9/ 37 KB
37 KB 11ms
9ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/12/531ebc14-472e-499e-b17d-6445f94ac599/thumbnail/170x128/7d0d68a706be0cbdaa27fea2e2290ed9/screenshot-2019-09-12-at-11-56-05.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8aad7f3a1006ed9a5f1d31bf2eb96de209f5ccecb129a519cf65d7f580b018b1

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51898
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 38152
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f8f284860cf10ebddfd2e2c31241f9af"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 istock-woman-stressed-out-at-cyberattack.jpg
zdnet1.cbsistatic.com/hub/i/r/2019/06/24/bad9f6d2-babc-448b-b5dd-9144631a0b99/thumbnail/170x128/68a9b6760a9a238626ce495a1355dc6e/ 10 KB
10 KB 28ms
26ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/06/24/bad9f6d2-babc-448b-b5dd-9144631a0b99/thumbnail/170x128/68a9b6760a9a238626ce495a1355dc6e/istock-woman-stressed-out-at-cyberattack.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b60d2b6fbd6ad485b5b6e09a49750db86101655632d2b0162c8a2bfcf5328860

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55578
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10082
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "40c0cefb6fc4c2f2892648f76473bbda"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/1802-fly/js/libs/ 16 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58404
status: 200
vary: Accept-Encoding
content-length: 6305
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c51-3f09"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:19 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 69 KB
14 KB 11ms
9ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260365
status: 200
vary: Accept-Encoding
content-length: 13960
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Sep 2019 08:42:42 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d761082-1134e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Sep 2019 02:22:49 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 260 B
431 B 44ms
7ms Script
application/x-javascript 184.30.221.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.30.221.201 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-30-221-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
last-modified: Wed, 30 May 2018 22:23:16 GMT
server: Apache
status: 200
etag: "c1e367d098d326049811561575dbda4a:1527718996"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 165

GET
H2 200 snthemes.js Show response
zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 94 KB
8 KB 13ms
11ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/snthemes.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492719
status: 200
vary: Accept-Encoding
content-length: 7763
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:20:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc82f-177f3"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2019 09:51:44 GMT

GET
H2 200 settings.js Show response
zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/ 33 KB
2 KB 8ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/settings.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174072
status: 200
vary: Accept-Encoding
content-length: 1669
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:04:37 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d77ad75-828e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 02:22:30 GMT

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet4.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/core/ 1 KB
1 KB 14ms
5ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58538
status: 200
vary: Accept-Encoding
content-length: 936
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 18:15:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7939be-4f1"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:26:33 GMT

GET
H2 200 Raleway-Bold.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 51 KB
51 KB 27ms
6ms Font
application/octet-stream 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Bold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
x-content-type-options: nosniff
age: 4452692
status: 200
vary: Accept-Encoding
content-length: 52212
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Jul 2019 09:13:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d36cfc5-cbf4"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jul 2020 12:03:46 GMT

GET
H2 200 Raleway-Light.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
51 KB 27ms
6ms Font
application/octet-stream 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Light.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
x-content-type-options: nosniff
age: 5042209
status: 200
vary: Accept-Encoding
content-length: 51608
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Jul 2019 08:38:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d2d8d0f-c998"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jul 2020 18:06:51 GMT

GET
H2 200 Raleway-Regular.woff2
zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/ 50 KB
50 KB 41ms
21ms Font
application/octet-stream 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/bundles/zdnetcss/fonts/raleway/Raleway-Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
x-content-type-options: nosniff
age: 1202021
status: 200
vary: Accept-Encoding
content-length: 51572
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Aug 2019 19:30:36 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d6827dc-c974"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Aug 2020 04:43:37 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 en.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/ 311 KB
14 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/translations/en.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604183
status: 200
vary: Accept-Encoding
content-length: 14353
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8cd-4ddff"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:49:31 GMT

GET
H2 200 logo.png
zdnet1.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/core/ 4 KB
4 KB 6ms
5ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58538
status: 200
vary: Accept-Encoding
content-length: 4128
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 18:15:26 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7939be-1009"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:26:33 GMT

GET
H2 200 vendorlist.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 113 KB
51 KB 8ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/vendorlist.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601806
status: 200
vary: Accept-Encoding
content-length: 52305
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:09 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8cd-1c3b9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:33:38 GMT

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/1802-fly/js/ 209 KB
70 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

fbb26cae740a8b9006ec97fef51427770ef98b2ec043928254af38a56d9ae11b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58403
status: 200
vary: Accept-Encoding
content-length: 70852
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:11 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c53-343bf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:21 GMT

GET
H/1.1 200
OK ls-zdnet.js Show response
js-sec.indexww.com/ht/ 85 KB
26 KB 33ms
12ms Script
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Sep 2019 02:35:52 GMT
Server: Apache
ETag: "da1d49-15269-592661cdcc317"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3327
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 26184
Expires: Fri, 13 Sep 2019 03:39:11 GMT

GET
H/1.1 200
OK YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame B1EC 187 KB
55 KB 40ms
23ms Script
application/javascript 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cache-Control: max-age=604800, s-maxage=604800
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Timing-Allow-Origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 41 KB
13 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce138e490f32cd41276c6425da7421d8c917ed0b90430b1abea775134e30e89b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "277 / 436 of 1000 / last-modified: 1568323759"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 13176
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:44 GMT

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 413 KB
117 KB 143ms
118ms Script
application/javascript 13.35.253.127
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-127.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c20d204fda0257be992a31867075cd51dbb5428c57e7805ee2fe4a1f08daf500

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 12 Sep 2019 20:53:19 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2019 20:31:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-id: qA7wSQr5OhcbJaQDlWb8MS2YofKv0RzkVfWsqbz5kkgSXJ6QCISP6w==
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
expires: Thu, 12 Sep 2019 21:31:33 GMT

GET
H2 200 evidon-banner.js Show response
zdnet2.cbsistatic.com/fly/js/libs/evidon/ 8 KB
2 KB 7ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/evidon/evidon-banner.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14093
status: 200
vary: Accept-Encoding
content-length: 2440
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:22:04 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1c4c-1faf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 22:40:17 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/1/2/2/ 0
120 B 292ms
97ms Image
text/plain 3.226.5.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/1/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.5.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-226-5-56.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 ;ord=1568342624276
ad.doubleclick.net/ddm/ad/hrmohcvbd/kbsbj/jkuopjndj/ozaoz/vq/ 43 B
491 B 42ms
15ms Image
image/gif 216.58.210.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/hrmohcvbd/kbsbj/jkuopjndj/ozaoz/vq/;ord=1568342624276?

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 266ms
119ms Script
application/javascript 35.190.38.167
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://urs.zdnet.com/sdk/urs.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.38.167 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 167.38.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
via: 1.1 google
last-modified: Thu, 07 Feb 2019 14:05:56 GMT
etag: "5c5c3b44-c7f5"
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51189

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
536 B 94ms
28ms XHR
application/json 46.51.201.190
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184216
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.201.190 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-201-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dec2988627e11707df1136d964c33b9106da43631b14be03523ed837c7874bcd

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zdnet.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 13 Oct 2019 02:43:44 GMT

GET
H2 204 18863
l.betrad.com/site/v3/425/3445/3/4/2/2/ 0
120 B 214ms
97ms Image
text/plain 3.226.5.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/425/3445/3/4/2/2/18863?consent=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.5.56 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-226-5-56.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 scrolling-mpu-22779a851e-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 956 B
602 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/scrolling-mpu-22779a851e-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123758
status: 200
vary: Accept-Encoding
content-length: 491
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d77ae21-3bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 16:21:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
476 B 29ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 16ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
59 KB 35ms
15ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js?21064570

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59665
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:44 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 93 KB
19 KB 35ms
9ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FC3) /
Resource Hash: 11786d0c519ee1ff5ca0ba0d699539e29b05c7273834da0954b3609025ad8303

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 18:05:01 GMT
server: ECAcc (frc/8FC3)
etag: "744360132"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 19347
expires: Fri, 13 Sep 2019 02:48:44 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame B1EC 2 KB
1 KB 53ms
37ms XHR
application/json 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5227809&v=1.571.0&if=&sl=0&si=65onb8yai3m-NaN&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e4a8fcf5063d5f40b9c608a2d93ba2e852b9c3462b71c21ceb7a12f195d47b10

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 694

GET
H/1.1 200
OK isInternalUser.js Show response
iicbsi-a.akamaihd.net/common/js/esi/ 22 B
272 B 195ms
23ms Script
application/x-javascript 2a01:4a0:1338:28::c38a:ff12
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://iicbsi-a.akamaihd.net/common/js/esi/isInternalUser.js?cb=cbsiInternal
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Cache-Control: max-age=133080
Server: AkamaiNetStorage
Connection: keep-alive
ETag: "fb25287978f1b619e801f164a2dfd9ea:1473886414"
Content-Length: 22
Content-Type: application/x-javascript

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 65ms
22ms Script
text/javascript 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1489731
cf-ray: 5156c67b39d659fa-VIE
status: 200
content-length: 27531
x-amz-id-2: eDK221dk774em4I6DMckLF57cozzz5yxbbsqbNOpYqfEO21OTmL1ZPH68Dxg4rRcOhYmJd75OLE=
last-modified: Mon, 29 Jul 2019 20:54:38 GMT
server: cloudflare
etag: "bdefbb6abea5b94d18f16f50ec3ebaae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CFF6D417906FF967
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2019 03:13:44 GMT

GET
H2 200 utag.1779.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 3 KB
2 KB 13ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1779.js?utv=ut4.43.201812051842
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F23) /
Resource Hash: cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:57 GMT
server: ECAcc (frc/8F23)
etag: "392561602"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1785
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1782.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 9ms
9ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F14) /
Resource Hash: 791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Mon, 29 Oct 2018 17:20:42 GMT
server: ECAcc (frc/8F14)
etag: "3447796852"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1071
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1787.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 142 KB
48 KB 13ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F9A) /
Resource Hash: 95ec4dea002be118a633dc5070c23358d10e179ad3de44f23ac97578c6971df7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Wed, 04 Sep 2019 18:05:01 GMT
server: ECAcc (frc/8F9A)
etag: "3504427907"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 48569
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1790.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
934 B 27ms
27ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F10) /
Resource Hash: 10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECAcc (frc/8F10)
etag: "2267415266"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 872
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1791.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 27ms
26ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1791.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F39) /
Resource Hash: 7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2016 14:31:10 GMT
server: ECAcc (frc/8F39)
etag: "3334871598"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1196
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1792.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 4 KB
2 KB 26ms
26ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1792.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FF4) /
Resource Hash: dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Jul 2016 14:28:47 GMT
server: ECAcc (frc/8FF4)
etag: "2022868805"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1664
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.1797.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
969 B 9ms
9ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F7F) /
Resource Hash: 3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Wed, 25 Jan 2017 20:07:58 GMT
server: ECAcc (frc/8F7F)
etag: "1907756232"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 883
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
103 B 23ms
23ms Image
image/gif 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=7.515848676534027
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
cf-cache-status: HIT
age: 12
cf-ray: 5156c67b89e559fa-VIE
status: 200
content-length: 43
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 17C4A8DE225C39CC
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-type: image/gif

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
265 B 22ms
21ms Image
image/gif 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=7.515848676534027
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
cf-cache-status: HIT
age: 12
cf-ray: 5156c67b89e659fa-VIE
status: 200
content-length: 43
x-amz-id-2: 7zuEfQ4DpkW+9tJkXi8rP8iettvh+76JESNEiC2oce55OzYsGCX5L7L3JH9FaLiL2fA40c84AC0=
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 17C4A8DE225C39CC
cache-control: max-age=15, must-revalidate
accept-ranges: bytes
content-type: image/gif

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 127ms
29ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1382019
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1782.js?utv=ut4.43.201810291720
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 09:24:26 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=24041
Connection: keep-alive
Content-Length: 11933
Expires: Fri, 13 Sep 2019 09:24:26 GMT

GET
H2 200 cbsinteractive.js Show response
tru.am/scripts/custom/ 3 KB
1 KB 262ms
205ms Script
text/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/cbsinteractive.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1797.js?utv=ut4.43.201805241512
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885fb8b9c3d2738bd627def3899f26d4d42641bbb868cc99d1fbc16f0ed9f4c6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: AEnB2UpqwmOoVn183WG-bHMgZOMg7mxr7nz5IjR9ZKUDBRi4Dng6n9IfkC4Rdx407FJusnA2yowcRfLYzERmy3NYuP6Y_Oqimw
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Tue, 30 Apr 2019 19:32:26 GMT
server: cloudflare
etag: W/"c486c91d1321adf59073588524182108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=9gbW7g==, md5=xIbJHRMhrfWQc1iFJBghCA==
x-goog-generation: 1556652746634603
cache-control: public, max-age=86400
x-goog-stored-content-length: 2725
cf-ray: 5156c67be8df5a0c-VIE
expires: Sat, 14 Sep 2019 02:43:44 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 84D8 326 B
547 B 65ms
17ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568342624561&lv=1
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 77bf6cf55ca271a4182754c87d95727d80838cc8cbf3fd0b4bcb8e7345fc1b4c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 31650
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5156c67bede5cbac-VIE

GET
H/1.1 200
OK ds.js Show response
dw.cbsi.com/js/cbsi/ 18 KB
7 KB 501ms
162ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/js/cbsi/ds.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1790.js?utv=ut4.43.201805241512
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Sep 2017 19:06:40 GMT
Server: Apache/2.4.25
ETag: "1917-55916dc13f000"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200, s-maxage=1800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=844
Content-Length: 6423
Expires: Fri, 13 Sep 2019 03:13:44 GMT

GET
H/1.1 200
OK st.v3.js Show response
www.everestjs.net/static/ 25 KB
7 KB 46ms
9ms Script
application/x-javascript 184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/st.v3.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3624e97a6a4f6fb481369929e579039d00be03b0a2e5d1f5f961c44dfd98940c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Aug 2019 09:05:18 GMT
Server: Apache
ETag: "1ff0663-624a-58fe7d2af0fea"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=66404
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7175
Expires: Fri, 13 Sep 2019 21:10:28 GMT

GET
H/1.1 200
OK anonc.js Show response
dw.cbsi.com/ 73 B
620 B 492ms
163ms Script
application/javascript 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://dw.cbsi.com/anonc.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: 59a8417809bc205c37696ecd2f9b9c9ef704f24f4537e40c9d9cf8238774e448

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Apache/2.4.25
Etag: Wx8YkV17AmBjGIEhQk4.1.dw_anonc
P3P: CP="CAO DSP COR CURa ADMa DEVa PSAa PSDa IVAi IVDi CONi OUR OTRi IND PHY ONL UNI FIN COM NAV INT DEM STA"
Cache-control: private, max-age=43200, s-max-age=0
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=80, max=649
Content-Length: 73
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H2 200 article-11f1dcc08f-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 163 KB
46 KB 8ms
8ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-11f1dcc08f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

277c3b1aa9849ea281525d0d823264cf6f245eebc87636cd03b587214f79f6cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296842
status: 200
vary: Accept-Encoding
content-length: 46654
x-xss-protection: 1; mode=block
last-modified: Mon, 09 Sep 2019 08:46:30 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d761166-28b5f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2019 16:16:21 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 84D8 739 KB
124 KB 19ms
19ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox.js?cb=1568342624561&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7bc2ad7ae7eed240bdba54adbc2fd6203ee5f6e2f98a13a6193dec1d45cc18a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: CXIxOSrQQ/L2LXBU6uAwoQ==
age: 31649
cf-polished: origSize=1166536
status: 200
last-modified: Thu, 12 Sep 2019 17:55:23 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: e3620cdd-501e-013a-3993-695037000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5156c67c0e07cbac-VIE
expires: Sat, 12 Sep 2020 02:43:44 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 33ms
7ms Script
application/javascript 151.101.114.133
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
age: 1363230
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: RwwFGuUUYSmg+vS1RPbj1H+B+E4B5kk+hAIhfVWu1wwqvEQprJmMgLypyIoahKVQxKzIbjF04sE=
x-served-by: cache-dca17739-DCA, cache-hhn4051-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1568342625.693797,VS0,VE1
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: B6CFBFBA531CA0E6
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 7403, 1

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 27ms
7ms Script
application/x-javascript 2600:9000:2057:e000:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:e000:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:05:05 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 01:56:46 GMT
server: nginx
age: 2319
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: kpyNAM7sNuZFYfbY0TM2iCvJWZlH0othoFxPerwk7Z3aP91ibW7MEQ==
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
expires: Fri, 13 Sep 2019 04:05:05 GMT

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 12 KB
5 KB 7ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563055
status: 200
vary: Accept-Encoding
content-length: 4877
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:11 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8cf-2fdf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2019 14:19:29 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 906 B
1 KB 36ms
35ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50070&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&pv=1568342624697_iu4dp128d&bl=en-us&cb=4515099&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D%5BPersonID%5D%26redir%3D&ht=&d=&dc=&si=1568342624697_iu4dp128d&cid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1382019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 97e6789565e852c207f8f03970146971a063cb8d41313be4fcdb5bfd12d762ee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 521
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
698 B 481ms
176ms Script
application/javascript 34.233.109.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1382019
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1382019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.109.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-233-109-111.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 138
Expires: Sat, 14 Sep 2019 02:43:45 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 16ms
15ms Stylesheet
text/css 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637039077227986622
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 31645
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 00a06310-b01e-003f-3893-69e21d000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5156c67c9eadcbac-VIE
expires: Sat, 12 Sep 2020 02:43:44 GMT

GET
H2 200 ls.html
www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame 5E02 0
0 17ms
16ms Document
text/html 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637039077227986622
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.lightboxcdn.com
:scheme: https
:path: /lclst/a1583f50-579b-41d0-8c4e-1cd1790d945c/ls.html?purl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&vid=a1583f50-579b-41d0-8c4e-1cd1790d945c&se=0&prev=0&cb=637039077227986622
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d53d0d0d6bbd501ab5f5e9f9c6f8f52c71568342624
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
date: Fri, 13 Sep 2019 02:43:44 GMT
content-type: text/html
content-md5: xa1/rdPe0J6SwxlD7atkzw==
last-modified: Thu, 12 Sep 2019 17:55:22 GMT
x-ms-request-id: ff6304f2-601e-0072-0299-6924ff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 29031
expires: Sat, 12 Sep 2020 02:43:44 GMT
cache-control: public, max-age=31536000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5156c67caeb7cbac-VIE
content-encoding: br

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
256 B 17ms
16ms Image
image/gif 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1568342624727&h=www.zdnet.com&e=p&u=40913
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:44 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 589351
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5156c67c9eb3cbac-VIE
cf-bgj: imgq:85

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 38ms
37ms XHR
application/json 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1568342624762&s=1ab8aa82ef059329567f5349fa83acf29f1dd8c68596e767e0921540baecf828
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-229.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a3affe1d9dee7d86c2ba779234d2dcb904f88c2180d2f3cb77aa598ebaea6b95

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 735

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 293ms
96ms Image
image/gif 34.200.61.129
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=zdnet.com&p=%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&u=qRA7CCC6qy5DOEyQ&d=zdnet.com&g=65713&g0=security&g1=catalin%20cimpanu&n=1&f=00001&c=0&x=0&m=0&y=6767&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1114&t=Bu_wA3C4nLGOBa2U-PCDAKOjBU6VXT&V=116&i=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&tz=-120&_acct=anon&sn=1&sv=CKQHEkCE8-ImDLRttw89BpEB4UnN8&sd=1&im=067b2ff3&_
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.61.129 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-200-61-129.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 13 Sep 2019 02:43:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151496924874953&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151496924874953%26eid=50056
https://ml314.com/csync.ashx?fp=CFdRvx9999O7D7%2B5&person_id=5978151496924874953&eid=50056

43 B
312 B

29ms
28ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=CFdRvx9999O7D7%2B5&person_id=5978151496924874953&eid=50056
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:45 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=CFdRvx9999O7D7%2B5&person_id=5978151496924874953&eid=50056
Date: Fri, 13 Sep 2019 02:43:45 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 1125
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151496924874953
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5NjkyNDg3NDk1MxAAGg0I4ITs6wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=64c0e48ef5250cf8ad4cf1b8944bad1fd51a58c8c6fc2557e91ba856ce6b7df7f4cb09cee1a4f8eb&person_id=5978151496924874953&eid=50082

43 B
312 B

36ms
34ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=64c0e48ef5250cf8ad4cf1b8944bad1fd51a58c8c6fc2557e91ba856ce6b7df7f4cb09cee1a4f8eb&person_id=5978151496924874953&eid=50082
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:45 GMT

Redirect headers

date: Fri, 13 Sep 2019 02:43:45 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=64c0e48ef5250cf8ad4cf1b8944bad1fd51a58c8c6fc2557e91ba856ce6b7df7f4cb09cee1a4f8eb&person_id=5978151496924874953&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496924874953%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496924874953%26eid=50220&mm_bnc&mm_bct&UUID=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e
https://ml314.com/csync.ashx?fp=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e&person_id=5978151496924874953&eid=50220

43 B
312 B

50ms
29ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e&person_id=5978151496924874953&eid=50220
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:44 GMT

Redirect headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: MT3 1710 796a9e3 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=4d4a5d7a-fa49-4b00-bb74-bcba35b3816e&person_id=5978151496924874953&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 13 Sep 2019 02:43:43 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496924874953
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496924874953
https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496924874953

43 B
312 B

29ms
28ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496924874953
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:45 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496924874953
Cache-Control: no-cache
X-Server: 10.45.31.42
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2BISm-B4LbrRc6DcegwkzflSPxALXnFvwyqXnfjt-pkI&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=2BISm-B4LbrRc6DcegwkzflSPxALXnFvwyqXnfjt-pkI&person_id=5978151496924874953&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
237 B

12ms
12ms

Image
image/gif

54.93.117.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.93.117.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-117-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Cache-control: private
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Fri, 13 Sep 2019 22:43:45 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=5978151496924874953&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151496924874953&redir=

42 B
776 B

37ms
36ms

Image
image/gif

52.208.212.211
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151496924874953&redir=
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v042-0f59f1b19.edge-irl1.demdex.com 5.59.0.20190904135845 3ms (+0ms)
Pragma: no-cache
X-TID: 16pfHkv6QiA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: sOlPdlYERQw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=5978151496924874953&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 35 KB
12 KB 25ms
24ms Script
application/javascript 2606:4700:20::6819:a222
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/cbsinteractive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a222 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Apr 2019 03:51:14 GMT
server: cloudflare
age: 4755
etag: W/"942d5ae1e512ccdf18813550428dd002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 5156c67db9445a0c-VIE
expires: Sat, 14 Sep 2019 02:43:44 GMT

GET
H/1.1 200
OK z Show response
lightboxapi2.azurewebsites.net/z9l/40913/www.zdnet.com/jsonp/ 220 B
386 B 541ms
128ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi2.azurewebsites.net/z9l/40913/www.zdnet.com/jsonp/z?cb=1568342624946&callback=jQuery171006896915678843119_1568342624715&_=1568342624947
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fcd743c4396657d1ced9aebf85631f63a0be4db70cc7dd078b4209f36949b062

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 220
Content-Type: application/javascript

GET
H2 200 z.gif Show response
api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQO... 183 B
578 B 51ms
20ms XHR
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQOWAAzWACIXQNjIA__XZX/z.gif
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba

Request headers

Accept: */*
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 57688
x-powered-by: ASP.NET
status: 200
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 5156c67e2e30cb9c-VIE
expires: Sat, 14 Sep 2019 02:43:44 GMT

POST
H2 200 beacon Show response
beacon.tru.am/ 0
333 B 189ms
145ms Fetch 2606:4700:20::6819:a322
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:a322 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:45 GMT
via: 1.1 google
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, private, max-age=0
cf-ray: 5156c67e583bcbc0-VIE
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 266 B
946 B 124ms
37ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 873d3cce55ed4e7b80754144eacce20aa2c789ef95187b32aedfc0efa8de7d48

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 266
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 33ms
33ms XHR
application/json 52.208.212.211
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&ts=1568342625092
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5727f7f8eb4b910f6bf7aae7a2e71a97dad9b8af073d11686899047641a5350

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v042-0ceaf95f4.edge-irl1.demdex.com 5.59.0.20190904135845 3ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: klmzCb8vQ10=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 674
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
140 B 7ms
7ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cbsi/zdnetglobalsite/201909041804&cb=1568342625094
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FE9) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (frc/8FE9)
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 13 Sep 2019 02:53:45 GMT

GET
H/1.1 200
OK c.gif
dw.cbsi.com/clear/ 42 B
346 B 156ms
155ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/clear/c.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=81519379-5999-445f-9b22-a4fd17b255ab&assettitle=simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years&assettype=content_article&pubdate=2019-09-12%2013%3A30%3A00&viewguid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&ts=1568342625097&ld=www.zdnet.com&ldc=d9af0c65-a4f3-49da-826e-cf1fe305cb8c&brwinsz=1600x1200&brscrsz=1600x1200&brlang=en-US&tcset=utf8&im=dsjs&clgf=Wx8YkV17AmBjGIEhQk4&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&title=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Keep-Alive: timeout=80, max=717
Content-Length: 42
Expires: Mon, 05 Jan 1970 12:12:12 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cbsi.demdex.net/ Frame 2F1E 0
0 153ms
30ms Document
text/html 54.77.236.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cbsi.demdex.net/dest5.html?d_nsid=undefined
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.236.71 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cbsi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=91968686126970491593988974272362630121
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 10 Sep 2019 14:26:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=91968686126970491593988974272362630121;Path=/;Domain=.demdex.net;Expires=Wed, 11-Mar-2020 02:43:45 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: tnKsUZgQQBY=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK id Show response
saa.cbsi.com/ 90 B
713 B 597ms
253ms XHR
application/x-javascript 3.212.241.161
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://saa.cbsi.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&mid=92206603316675576953966584980069617297&ts=1568342625133
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.241.161 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-212-241-161.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: ebedf2b7f0af84ca09415b0956752054e4f54b504774a9af896fc3a3e68fd491

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: Omniture DC
xserver: www470
Vary: Origin
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 90

GET
H/1.1 204
No Content / Show response
684dd307.akstat.io/ 0
354 B 57ms
33ms XHR
image/gif 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd307.akstat.io/?h.pg=article&when=1568342625160&t_other=custom4%7C195&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=77abdbfeccd2b7b8cc7ccaf5d908588de0e2cb0b&h.t=1568342624782&http.initiator=api&rt.start=api&rt.si=dbeda69e-21a9-49d5-8182-7115de422042&rt.ss=1568342625847&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-214-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 13 Sep 2019 02:43:45 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 76 B
521 B 32ms
32ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2d2a11b295b37fae106b4c6e8cacec5e02d1d5f7e3531f534e61559620c8eb6f

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 76
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
1 KB 45ms
16ms XHR
application/javascript 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834629&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=VvmlI5aP&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1c3d0669318ff3ec26e076a333d498305880abb1d3979cce3dc6d76dd7b0b91e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
X-Proxy-Origin: 185.151.58.116; 185.151.58.116; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.203:80
AN-X-Request-Uuid: d9b8beaf-0bf9-477c-8a5e-6d30ca8b9167
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
1 KB 45ms
17ms XHR
application/javascript 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834625&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=odFj0lis&psa=0&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

49a69ce951361847c8b120003eb204a50416416359e1533cd42f9d3d80b8741f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
X-Proxy-Origin: 185.151.58.116; 185.151.58.116; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.186:80
AN-X-Request-Uuid: 57b044ea-7a51-415a-8834-fd5f700eeaf2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
1 KB 46ms
18ms XHR
application/javascript 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834627&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=sjReSfQv&psa=0&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

149a54b1fc172a28f228290f63997d855af2a8ef05c418645c7ed29b54a91a5b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
X-Proxy-Origin: 185.151.58.116; 185.151.58.116; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.173:80
AN-X-Request-Uuid: e930416b-5ec7-4b3c-ab59-d693c3f9e83b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
1 KB 45ms
16ms XHR
application/javascript 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834631&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=1oqf9OuD&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7cdf807d33246f24e85dfe3465ba722856eb39499fa38ac79e4c87b787071d46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
X-Proxy-Origin: 185.151.58.116; 185.151.58.116; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.116:80
AN-X-Request-Uuid: b99e0501-4855-4e98-b2b7-fcd883660559
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 99 B
1 KB 45ms
17ms XHR
application/javascript 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=11834632&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=vF9DjddV&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8af0a57740a2f260ec70c48eecdec9c13a10efdad98179ba7fb815d071e156aa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
X-Proxy-Origin: 185.151.58.116; 185.151.58.116; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
AN-X-Request-Uuid: 091c40f3-2ddd-4a34-8dd7-daf41d39c259
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 99
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 66 B
943 B 192ms
176ms XHR
text/javascript 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7.2&s=182823&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A60160942%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22202%22%2C%22siteID%22%3A%22182829%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22220%22%2C%22siteID%22%3A%22183316%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22209%22%2C%22siteID%22%3A%22182828%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22210%22%2C%22siteID%22%3A%22182826%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22208%22%2C%22siteID%22%3A%22182824%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22222%22%2C%22siteID%22%3A%22182825%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22219%22%2C%22siteID%22%3A%22183315%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22201%22%2C%22siteID%22%3A%22182823%22%7D%2C%22id%22%3A%228%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226bf75372-e8b5-4b34-a6cc-310a96339600%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222019-09-13T02%3A43%3A44%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 516f266d5e4d60288112d71933eb858097eefa7b15ead2a339d2d6140805449b

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 86
Expires: Fri, 13 Sep 2019 02:43:45 GMT

GET
H2 200 utag.1775.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 26 KB
9 KB 12ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1775.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FF9) /
Resource Hash: 0f4176807e149be9c6cc0e583699fffe630cccb37e57242ce5a7b1f7d63d859d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:44 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2016 20:41:55 GMT
server: ECAcc (frc/8FF9)
etag: "1112944691+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 8960
expires: Sat, 28 Sep 2019 02:43:44 GMT

GET
H2 200 utag.277.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
947 B 13ms
13ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.277.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F15) /
Resource Hash: 0e13cd6845611f0c419398a75b85ba014a7fffb1b9e9575c2e1b4cfefebd0017

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:58 GMT
server: ECAcc (frc/8F15)
etag: "461771432"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 863
expires: Sat, 28 Sep 2019 02:43:45 GMT

GET
H2 200 utag.1772.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1021 B 18ms
18ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1772.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F31) /
Resource Hash: e482ba089d973ca257acfd70b2d7541447d5d333449b106d5c3dffebe322566a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 20:43:58 GMT
server: ECAcc (frc/8F31)
etag: "4198895974"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 959
expires: Sat, 28 Sep 2019 02:43:45 GMT

GET
H2 200 utag.1796.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 8 KB
3 KB 13ms
13ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1796.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FB7) /
Resource Hash: 9337d4f2ef8a00759da573e178e302712fec944ac54cfd808f48c526b9816d3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2016 15:09:53 GMT
server: ECAcc (frc/8FB7)
etag: "931235332"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2762
expires: Sat, 28 Sep 2019 02:43:45 GMT

GET
H2 200 utag.1810.js Show response
tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/ 2 KB
1 KB 12ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1810.js?utv=ut4.43.201909041804
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F9D) /
Resource Hash: 07178558c596bc2fe33d99750a349d5413fa4571fc778cefbe4f4f367404f6d6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
last-modified: Mon, 08 Jul 2019 17:22:10 GMT
server: ECAcc (frc/8F9D)
etag: "4274102907"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 988
expires: Sat, 28 Sep 2019 02:43:45 GMT

GET
H/1.1

200
OK

pixel_details.html
www.everestjs.net/static/ Frame F09A
Redirect Chain

https://pixel.everesttech.net/4083/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26optout%3D__EFOPTOUT__%26throttleCook...
https://www.everestjs.net/static/pixel_details.html

0
0

7ms
7ms

Document
text/html

184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/pixel_details.html
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: www.everestjs.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Server: Apache
Last-Modified: Tue, 04 Oct 2011 16:14:21 GMT
ETag: "8623-a6-4ae7b62583140"
Accept-Ranges: bytes
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 146
Cache-Control: max-age=64057
Expires: Fri, 13 Sep 2019 20:31:22 GMT
Date: Fri, 13 Sep 2019 02:43:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: Apache
Set-Cookie: everest_session_v2=XXsCYQAABYc1ETn@; path=/; domain=.everesttech.net everest_g_v2=g_surferid~XXsCYQAABYc1ETn@; path=/; domain=.everesttech.net; expires=Sat, 07-Aug-2021 13:23:45 GMT
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://www.everestjs.net/static/pixel_details.html#google=XXsCYQAABYc1ETn@&gsurfer=XXsCYQAABYc1ETn@&optout=0&throttleCookie=&time=20190913024345
Content-Length: 345
Keep-Alive: timeout=15, max=990257
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
1 KB 152ms
152ms XHR
application/json 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3d14abd3048f0e77ff64ace93cbfe3ef48584bd0570bf7303b3bbf5ea0ffab6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 515
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Sep 2019 01:14:01 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Fri, 13 Sep 2019 02:43:45 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 01a338c8-57cc-494f-a749-02ea84970539
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Fri, 13 Sep 2019 02:44:01 GMT

GET
H2 200 disqus-count-5922ea1c53-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 406 B
401 B 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/disqus-count-5922ea1c53-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b8c15c61feffdfe68b168cf2ac8cf58867f38547da3b15d7971a75c44f16bc26

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 559919
status: 200
vary: Accept-Encoding
content-length: 270
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d6fc8c9-196"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2019 15:11:46 GMT

GET
H2 200 simjacker-attack-wild.jpg
zdnet4.cbsistatic.com/hub/i/2019/09/12/b6d52cd7-6945-4938-8c09-7dbc220cb443/34a9d00e10a5a575a622bcf19cee0b16/ 75 KB
64 KB 11ms
11ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/2019/09/12/b6d52cd7-6945-4938-8c09-7dbc220cb443/34a9d00e10a5a575a622bcf19cee0b16/simjacker-attack-wild.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3814ce906a839379e349f083d1b330fb3893227199626e0a6bb4a417239aec6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47567
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 65442
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "662a151f5da6058a83f78d6d2206ecbd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 simjacker-victims.png
zdnet4.cbsistatic.com/hub/i/2019/09/12/eff82fe6-1b25-46d0-bef4-2c5dc58f7982/b13740bfb35a6b57adf1417788207814/ 26 KB
26 KB 6ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/2019/09/12/eff82fe6-1b25-46d0-bef4-2c5dc58f7982/b13740bfb35a6b57adf1417788207814/simjacker-victims.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0c042726aad611dc0974008c4b702ec1ab74bd9a1e9943c1258fef9956f7b1e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47567
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 26153
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eac2949b8b90be506f77db750ef05417"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image-gallery-modal-e49526b449-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-e49526b449-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f5b52ad70c5d645388b52d2fadaf8a5311aee9a01436866ab9b3e2c5f02e1c22

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325815
status: 200
vary: Accept-Encoding
content-length: 1909
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8c9-13d0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2019 08:13:31 GMT

GET
H2 200 06-intel.png
zdnet4.cbsistatic.com/hub/i/r/2019/06/20/e9c14ebf-b511-4725-b6ce-621dc6da232d/thumbnail/170x128/dcf44c742e8ed3620dcb4716f96722d6/ 9 KB
9 KB 12ms
9ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/06/20/e9c14ebf-b511-4725-b6ce-621dc6da232d/thumbnail/170x128/dcf44c742e8ed3620dcb4716f96722d6/06-intel.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

24e337424cb73e0a532bd8013638aa73079dd95446ec1f7406644b917f977ece

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4161142
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 9155
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1b356667c9a682f8b0215d9d16d286fe"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 07-airbnb.png
zdnet4.cbsistatic.com/hub/i/r/2019/06/20/5fa78f82-c140-44e3-ab9a-06d07fe54cc7/thumbnail/170x128/f81cbd7de882e757e3eda15bacf3b50c/ 11 KB
11 KB 13ms
10ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/06/20/5fa78f82-c140-44e3-ab9a-06d07fe54cc7/thumbnail/170x128/f81cbd7de882e757e3eda15bacf3b50c/07-airbnb.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

de1070c0a09e10deca1324e6acbf32906096aae9dfbed8bfdaef2970fcdbe25f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4180796
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 11069
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "6cb993c8fa82ad11ff71fad64d213a72"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 08-ubiquiti.png
zdnet2.cbsistatic.com/hub/i/r/2019/06/20/294ec80f-9f4f-45f2-b281-9886330f77f0/thumbnail/170x128/fd92f735cc5a916fa38cd4d337f640f0/ 11 KB
11 KB 10ms
7ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/06/20/294ec80f-9f4f-45f2-b281-9886330f77f0/thumbnail/170x128/fd92f735cc5a916fa38cd4d337f640f0/08-ubiquiti.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

010d0f22539421bb342a069ef90d92e78be007c7e35c98fb8d631d831b96881b

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4068671
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10845
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "f06edc8ab534b2c7ecbd4c2051d9cb1e"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 09-valve.png
zdnet1.cbsistatic.com/hub/i/r/2019/06/20/729d125f-6308-4465-bfbc-2ce9488da8c6/thumbnail/170x128/9169587c28d6882ef99244e62210f265/ 11 KB
10 KB 9ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/06/20/729d125f-6308-4465-bfbc-2ce9488da8c6/thumbnail/170x128/9169587c28d6882ef99244e62210f265/09-valve.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d030b82de019e85ea0136865086e36f945fd601dac17c266ad8b55f46df42e28

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4056426
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10555
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "9b972ab65a176d0a3aabf71ea0c01ffc"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 10-gitlab.png
zdnet1.cbsistatic.com/hub/i/r/2019/06/20/bbf4be25-a115-4e8a-ab6c-2be69510ff93/thumbnail/170x128/98f8cb1fddf543665726b10003308f16/ 12 KB
12 KB 8ms
6ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2019/06/20/bbf4be25-a115-4e8a-ab6c-2be69510ff93/thumbnail/170x128/98f8cb1fddf543665726b10003308f16/10-gitlab.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6ec18584135e8bbd5e0ca6d92569f347ba4046aefc14bba7856d6d3d4f8edd64

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360156
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 12016
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "43904aa51d7dce2190fcebed0eed1409"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 disqus-loader-db6fae9369-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
774 B 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-db6fae9369-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

4bb0f33f40b38593e1cba1c8b2f15703d33753bbd80f30511dd9c464a959afe7

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334948
status: 200
vary: Accept-Encoding
content-length: 642
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8c9-580"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2019 05:39:12 GMT

GET
H2 200 screen-shot-2016-12-09-at-2-04-38-pm-2.png
zdnet3.cbsistatic.com/hub/i/r/2016/12/09/9db97787-51ce-41a7-9e47-c5916b0d3294/thumbnail/70x53/413bebf57742fb89ff38602d0f41b850/ 11 KB
11 KB 12ms
7ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2016/12/09/9db97787-51ce-41a7-9e47-c5916b0d3294/thumbnail/70x53/413bebf57742fb89ff38602d0f41b850/screen-shot-2016-12-09-at-2-04-38-pm-2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f46d40bf061892a5c2b8eccde5afa89377d576c9bfb637644b9e700b680d141d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14798
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10906
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e7fdeae58bfddf97dba9f1f67abf5921"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sandboxie.png
zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/70x53/e94e973f16f88e4c56074311329f5248/ 4 KB
5 KB 11ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/70x53/e94e973f16f88e4c56074311329f5248/sandboxie.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6609393ea122a21291adb391b0e2569df37c08df6e9dc4a0a23718ddfa0c6426

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26490
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4463
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "bfd2308e9e75263970f8079115edebbd"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chromebook-chrome-os.jpg
zdnet4.cbsistatic.com/hub/i/r/2019/09/12/4aa9f799-3ebe-4d49-a6f2-2d1f6a76cc9e/thumbnail/70x53/2674dfc8b438f0d4f54827128bf1d349/ 1 KB
1 KB 13ms
8ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/12/4aa9f799-3ebe-4d49-a6f2-2d1f6a76cc9e/thumbnail/70x53/2674dfc8b438f0d4f54827128bf1d349/chromebook-chrome-os.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cc190ad5473e1b98d51458ba31301e56906c662735d69abadf68c1b1a02cabda

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58950
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 1278
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a0833c8a1817526ac555f8d67727caf6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 eyeidentityistock-516982188.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/05/14/8c170afa-5e76-4707-ac69-5207fda59a51/thumbnail/70x53/121186b577085f3c438d051d9cdc5a67/ 5 KB
5 KB 13ms
7ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/05/14/8c170afa-5e76-4707-ac69-5207fda59a51/thumbnail/70x53/121186b577085f3c438d051d9cdc5a67/eyeidentityistock-516982188.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f1c890ea7aa0d881683105690adb6f46341f5b5fce216462df68841a38aa5906

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98902
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4521
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d903e9608cfbf08910611e4346a0ba44"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
2 KB 336ms
334ms XHR
application/json 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b7a80bd63ac8a650149f398a9802cf9e6ab4b69570180d4be4139ee2c6593729

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 727
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Fri, 13 Sep 2019 02:43:46 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 99c7d812-16b4-4f37-b240-c07cd62638f9
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 13 Sep 2019 02:43:46 GMT

POST
H2 200 / Show response
www.zdnet.com/m3d0s1/xhr/right-rail/ 11 KB
3 KB 428ms
427ms XHR
application/json 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/m3d0s1/xhr/right-rail/

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6daddeffc56c0e5fbcf31b35ec7a48626941ef47711020f7a48155dcc747f22e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 1716
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: SAMEORIGIN
date: Fri, 13 Sep 2019 02:43:46 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: 885f18c9-2269-444b-aa35-054020407bf2
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 front-door-carousel-56427878d9-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-56427878d9-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563054
status: 200
vary: Accept-Encoding
content-length: 1564
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8c9-124a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2019 14:19:31 GMT

GET
H2 200 urban-airship-29ae327ed0-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
1 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/urban-airship-29ae327ed0-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

fa33d1db535d783b0baf4e74bdc7ce9e54633f87a03669b2803e567088d64ccb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196246
status: 200
vary: Accept-Encoding
content-length: 827
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:29 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d77ae21-514"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Sep 2019 20:12:59 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 35ms
35ms XHR
application/json 52.208.212.211
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&d_mid=92206603316675576953966584980069617297&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%012EBD8130852CEE18-600009DAE007EDA3&ts=1568342625806
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1a397f2c64334b78a494a2c41b1c8713738b8dfd9db55cb2bddb097207598659

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v042-04ebb8102.edge-irl1.demdex.com 5.59.0.20190904135845 5ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: t8jvPmgNTKY=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 675
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 advertisement-d41d8cd98f-rev.js Show response
zdnet2.cbsistatic.com/fly/js/utils/ 0
264 B 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/utils/advertisement-d41d8cd98f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
x-content-type-options: nosniff
age: 156772
status: 200
vary: Accept-Encoding
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:07:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d77ae32-0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Sep 2019 07:10:53 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/cbsinteractive-zdnet/ 84 KB
19 KB 24ms
7ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bbab7355d5aa551c9f5152fac15aa857d1e352242440ce6911a4e8eef321500

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: U8wN2az2a8oXD_Oos5M5xV5YnT4Twwju
content-encoding: gzip
etag: "df80d9c3040bf21067053575df545fac"
age: 108
x-cache: HIT
status: 200
content-length: 18765
x-amz-id-2: TFTvVlYzYxDxuEzrPlj4vkfPHhvwYH2fWAZkz+FBxVBDewfnnBrfYayOAel+vdN4tWN7vfMuZjc=
x-served-by: cache-hhn4045-HHN
last-modified: Wed, 11 Sep 2019 14:50:51 GMT
server: AmazonS3
x-timer: S1568342626.831034,VS0,VE1
date: Fri, 13 Sep 2019 02:43:45 GMT
vary: Accept-Encoding
x-amz-request-id: 8B32C10FD489ACD0
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 1

GET
H/1.1 200
OK 4083-12969.js Show response
www.everestjs.net/dl/4083/ 484 B
664 B 8ms
7ms Script
application/x-javascript 184.31.90.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/dl/4083/4083-12969.js
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.90 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-90-90.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1d4d518e1da495fb6d6d8b3d86bba79d7597b61b466e71c45cdb09ed79659c53

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2013 14:23:10 GMT
Server: Apache
ETag: "4a5a49-1e4-4ec011a776f80"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=15542
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 288
Expires: Fri, 13 Sep 2019 07:02:47 GMT

GET
H/1.1 200
OK v
pixel.everesttech.net/4083/ 128 B
716 B 16ms
14ms Image
image/png 66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/4083/v?ev___loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ev___ref=%2F%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "443742-80-53f3f17013d40"
Vary: Cookie
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=15, max=990255
Content-Length: 128

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/
Redirect Chain

https://cm.everesttech.net/cm
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WFhzQ1lRQUFCWWMxRVRuQA
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEKz2RpwjgIlLoQrA0GOtDXI&google_cver=1
https://pixel.everesttech.net/1x1

128 B
407 B

32ms
13ms

Image
image/png

66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "9c38d7-80-53f3f17013d40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=981449
Content-Length: 128

Redirect headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://pixel.everesttech.net/1x1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/3005086/ 0
400 B 29ms
8ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/3005086/cs.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1775.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Mon, 16 Sep 2019 02:43:45 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20Z...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20...

0
248 B

7ms
7ms

Image
text/plain

2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005086&ns__t=1568342625823&ns_c=UTF-8&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&c9=
Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cbs_zQTp2H_zdnet.js Show response
cdn-magiclinks.trackonomics.net/client/static/v2/ 95 KB
18 KB 44ms
9ms Script
text/javascript 2600:9000:2057:ba00:1d:8c8c:47c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/cbs_zQTp2H_zdnet.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1810.js?utv=ut4.43.201909041804
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ba00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash: 735dd6528ef8dd97886865a6ff4a0387d6cebab544c6288c8ba2169b1858c392

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Sep 2019 17:31:01 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 10:15:58 GMT
server: Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age: 32964
status: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: s7XxKbTwoLiWPAC6-_jPqi3IE1qQ9A3PNjaDT-leW9fnuVpbBMONOA==
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)

GET
H2 200 / Show response
zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 60 KB
15 KB 53ms
24ms Script
application/javascript 104.17.208.240
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_3xeBFJDuSs0SRW5&Q_LOC=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.277.js?utv=ut4.43.201909041804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

661582515dd231f99fdd37d11c1237a8e001ab99b898dc1430ac2f73f718098c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 266179
cf-polished: origSize=62037
status: 200
edge-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f255-UCA7wINInts3OI0TBl6iZ+HnnBg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 5156c6839b03c2d6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: XftEdnZ83x1R+AfBGRMpJzG7WcNilXlNlp8w32zVfmEK9T0qS2QSLitWF2nQsj5cvMJ8HF5WMRTDzODimPfINw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 02:43:45 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=comp...
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=comp...

44 B
332 B

33ms
33ms

Image
image/gif

34.254.217.168
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=compact&rnd=1568342625827&ja=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.217.168 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-254-217-168.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:45 GMT
server: nginx
status: 302
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-304254h&cg=0&cc=1&si=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp=&ts=compact&rnd=1568342625827&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 simjacker-victims.png
zdnet4.cbsistatic.com/hub/i/2019/09/12/eff82fe6-1b25-46d0-bef4-2c5dc58f7982/b13740bfb35a6b57adf1417788207814/ 26 KB
26 KB 9ms
8ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/2019/09/12/eff82fe6-1b25-46d0-bef4-2c5dc58f7982/b13740bfb35a6b57adf1417788207814/simjacker-victims.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0c042726aad611dc0974008c4b702ec1ab74bd9a1e9943c1258fef9956f7b1e6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47567
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 26153
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "eac2949b8b90be506f77db750ef05417"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sandboxie.png
zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/70x53/e94e973f16f88e4c56074311329f5248/ 4 KB
4 KB 6ms
5ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2019/09/12/8206a4a8-191e-4b3c-bd8b-7b0d9bdc1bf1/thumbnail/70x53/e94e973f16f88e4c56074311329f5248/sandboxie.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6609393ea122a21291adb391b0e2569df37c08df6e9dc4a0a23718ddfa0c6426

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26490
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4463
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "bfd2308e9e75263970f8079115edebbd"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2016/12/09/9db97787-51ce-41a7-9e47-c5916b0d3294/thumbnail/70x53/413bebf57742fb89ff38602d0f41b850/screen-shot-2016-12-09-at-2-04-38-pm-2.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f46d40bf061892a5c2b8eccde5afa89377d576c9bfb637644b9e700b680d141d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14798
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10906
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e7fdeae58bfddf97dba9f1f67abf5921"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 eyeidentityistock-516982188.jpg
zdnet2.cbsistatic.com/hub/i/r/2019/05/14/8c170afa-5e76-4707-ac69-5207fda59a51/thumbnail/70x53/121186b577085f3c438d051d9cdc5a67/ 5 KB
4 KB 9ms
4ms Image
image/jpeg 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2019/05/14/8c170afa-5e76-4707-ac69-5207fda59a51/thumbnail/70x53/121186b577085f3c438d051d9cdc5a67/eyeidentityistock-516982188.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f1c890ea7aa0d881683105690adb6f46341f5b5fce216462df68841a38aa5906

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98902
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 4521
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "d903e9608cfbf08910611e4346a0ba44"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2019/09/12/4aa9f799-3ebe-4d49-a6f2-2d1f6a76cc9e/thumbnail/70x53/2674dfc8b438f0d4f54827128bf1d349/chromebook-chrome-os.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cc190ad5473e1b98d51458ba31301e56906c662735d69abadf68c1b1a02cabda

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58950
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 1278
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a0833c8a1817526ac555f8d67727caf6"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 144 KB
16 KB 466ms
462ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2371167116442290&correlator=2616931419724068&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21064570%2C21062818&vrg=2019090501&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190913&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=7x7%7C5x5%2C1x1%2C728x90%7C970x66%7C970x250%2C300x250%7C300x600%7C300x1050%2C320x50%7C11x11%2C300x250%2C300x250%2C641x321%2C728x90%7C970x66%7C970x250%2C371x771&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ists=256&prev_scp=pos%3Dnav%7C%7Cpos%3Dtop%7Cpos%3Dtop%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%7Cpos%3Dmiddle%7Cpos%3Dbottom%7Cpos%3Dtop%7Cpos%3Dbottom%7Cpos%3Dtop&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%252Cmobile-os%252Csmartphones%252Cphones%252Cnetworking%26mfr%3Dapple%252Csamsung%252Cmotorola%252Cgoogle%252Cstk%252Czte%252Chuawei-technologies-co-ltd%26pid%3Datandt-sim-card%252Cfellowes-browser%252Csamsung%252Capple%26tag%3Dsamsung%252Capple%252Cmotorola%252Chuawei%252Cgoogle%252Czte%26prodtype%3Dcards%252Cphone%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%26env%3Dprod%26firstpg%3D1%26vguid%3D6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64%26session%3Da%26subses%3D6&cookie_enabled=1&bc=31&abxe=1&lmt=1568338719&dt=1568342625849&dlt=1568342623865&idt=563&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C0%2C-12245933%2C-12245933%2C208%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C87%2C-12245933%2C-12245933%2C1690%2C-12245933%2C-12245933%2C-12245933%2C-12245933%2C-12245933&adks=3150487470%2C214795166%2C4244305695%2C1417548548%2C1329845298%2C2206170071%2C1202754446%2C2710049972%2C1382001979%2C1682329115&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&dssz=81&icsg=0&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x6777%7C1585x0%7C1585x0%7C370x0%7C770x11%7C370x0%7C370x250%7C770x5702%7C1210x0%7C370x0&msz=7x7%7C1585x0%7C688x105%7C300x280%7C770x11%7C300x280%7C300x280%7C641x361%7C728x130%7C371x771&ga_vid=683431924.1568342626&ga_sid=1568342626&ga_hid=1493840228&fws=132%2C4%2C132%2C132%2C4%2C132%2C132%2C132%2C132%2C132&ohw=1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js?21064570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

cd18ff5ab573c16846ea10b95f33c2b1e329fc0246f9e7f8ccfe90a7322c5e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15424
x-xss-protection: 0
google-lineitem-id: 4745699004,-2,253246569,253246569,4745189935,253246569,253246569,4745327422,253246569,4825966980
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138245072116,-2,75374362809,75375443409,138239344181,138271463546,138271735246,138239368367,138271463540,138247024569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019090501.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 15ms
15ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js?21064570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2019 13:05:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24375
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/2019/09/12/b6d52cd7-6945-4938-8c09-7dbc220cb443/34a9d00e10a5a575a622bcf19cee0b16/simjacker-attack-wild.jpg

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

3814ce906a839379e349f083d1b330fb3893227199626e0a6bb4a417239aec6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47567
status: 200
content-transfer-encoding: binary
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 65442
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "662a151f5da6058a83f78d6d2206ecbd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fly-disqus-count-1f604770a3-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 882 B
585 B 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/fly-disqus-count-1f604770a3-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b2ab8784d5ca4bc5e4e1990ba55c6d9f041b8fe8cf41ad9afa37bc1c3dd12756

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332499
status: 200
vary: Accept-Encoding
content-length: 460
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d6fc8c9-372"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Sep 2019 06:22:06 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cbsi.demdex.net/ Frame 8FFB 0
0 32ms
31ms Document
text/html 54.77.236.71
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cbsi.demdex.net/dest5.html?d_nsid=0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.236.71 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cbsi.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=91968686126970491593988974272362630121; dextp=269-1-1568342625307|477-1-1568342625409|771-1-1568342625510|22052-1-1568342625611|30646-1-1568342625716|121998-1-1568342625821|127444-1-1568342625922
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 10 Sep 2019 14:30:01 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=91968686126970491593988974272362630121;Path=/;Domain=.demdex.net;Expires=Wed, 11-Mar-2020 02:43:46 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: njbFSxzsTQA=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK s66241147078879 Show response
saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/ 2 KB
2 KB 187ms
187ms Script
application/x-javascript 3.212.241.161
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://saa.cbsi.com/b/ss/cnetzdnetglobalsite/10/JS-2.3.0/s66241147078879?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=13%2F8%2F2019%204%3A43%3A46%205%20-120&d.&nsid=0&jsonv=1&.d&mid=92206603316675576953966584980069617297&aid=2EBD8130852CEE18-600009DAE007EDA3&aamlh=6&ce=UTF-8&ns=cbsinteractive&pageName=zdnet%3A%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&g=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&cc=USD&ch=editorial&server=www.zdnet.com&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=zdnet&v1=zdnet&h1=editorial%7Carticle&c2=D%3Dv2&v2=eu&l2=113c25b6-ec91-11e3-95d2-02911863765e%7C10cdea3b-ec91-11e3-95d2-02911863765e%7C1147b242-ec91-11e3-95d2-02911863765e&c3=D%3Dv3&v3=responsive%20web%7Cdesktop&l3=85fd8691-f525-4ea2-a601-af296f629f7f&c4=D%3Dv4&c5=D%3Dv5&v5=cnetzdnetglobalsite&c6=D%3Dv6&v6=editorial%7Carticle&c7=D%3Dv7&v7=D%3Dg&c8=D%3Dv8&v8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c9=D%3DUser-Agent&c10=D%3Dv10&v10=article&c11=D%3Dv11&v15=not%20authenticated%7Canon&c20=D%3Dv20&v20=simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years&c22=D%3Dv22&v22=content_article&c23=D%3Dv23&v23=113c25b6-ec91-11e3-95d2-02911863765e&c24=D%3Dv24&v24=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&c25=D%3Dv25&c26=D%3Dv26&c28=D%3Dv28&c30=D%3Dv30&v30=81519379-5999-445f-9b22-a4fd17b255ab&c31=D%3Dv31&c33=D%3Dv33&c34=D%3Dv34&c35=D%3Dv35&v35=Wx8YkV17AmBjGIEhQk4&c44=D%3Dv44&v44=zdnet&c50=D%3Dv50&c51=D%3Dv51&c52=D%3Dv52&c53=D%3Dv53&c54=D%3Dv54&c65=D%3Dv65&v65=discover&c69=D%3Dv69&v85=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&AQE=1
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.241.161 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-212-241-161.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: 077dfe27379ee21a165147f5ec9be6ee8505bcdce68c0620ac038d0732268b77

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-AAM-TID: aMOtxBehR2g=
Date: Fri, 13 Sep 2019 02:43:46 GMT
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 1598
DCS: dcs-prod-irl1-v042-0da8af1d0.edge-irl1.demdex.com 5.59.0.20190904135845 7ms (+2ms)
Pragma: no-cache
Last-Modified: Sat, 14 Sep 2019 02:43:46 GMT
Server: Omniture DC
xserver: www494
ETag: "3367990143883182080-5837098178088319949"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Thu, 12 Sep 2019 02:43:46 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
337 B 35ms
10ms XHR
text/plain 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=182823&u=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/ls-zdnet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 ua-sdk.min.js Show response
web-sdk.urbanairship.com/notify/v1/ 78 KB
17 KB 58ms
13ms Script
application/javascript 35.227.208.151
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.urbanairship.com/notify/v1/ua-sdk.min.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/js/components/urban-airship-29ae327ed0-rev.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.227.208.151 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 151.208.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e59c8c655db8c097ed0067789aeb44ed58f25f8c68a5772bbb3f1fdc18e5e336

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:41:50 GMT
content-encoding: gzip
x-goog-meta-goog-reserved-file-mtime: 1556302399
age: 116
x-guploader-uploadid: AEnB2UrnR2omT5Nxt1wTDPxKpjlDh1UhhdWtwZolNDmpvnA___-Ppfa8otl52p4sAR-UrI-hy5xVdYYAVuFSo8fFe2XaYuGQ1A
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 16960
last-modified: Fri, 26 Apr 2019 18:13:21 GMT
server: UploadServer
etag: "251defdc0ecc8a3bad8ae4cf9aab1923"
vary: Accept-Encoding
x-goog-hash: crc32c=A7yEjg==, md5=JR3v3A7MijutiuTPmqsZIw==
x-goog-generation: 1556302401249893
cache-control: public, max-age=300
x-goog-stored-content-length: 16960
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Sep 2019 02:46:50 GMT

GET
H2 200 show-hide-1.0-7dc26ff326-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
845 B 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7dc26ff326-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59762
status: 200
vary: Accept-Encoding
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Sep 2019 18:17:57 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d793a55-7a5"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:07:44 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 10ms
7ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sat, 14 Sep 2019 02:43:46 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/cbsinteractive-zdnet/ 13 KB
5 KB 31ms
6ms Script
binary/octet-stream 151.101.113.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d1eab2e9d5b36e1297db68599d3e9c3df71869a0863fb261972b93e919d7af1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: rwr9L97XovW8QPypI62jHvd7E2HiNZm2
content-encoding: gzip
etag: "fc0de48a0976cde02ddee0bd49a81832"
age: 310
x-cache: HIT, HIT
status: 200
content-length: 4742
x-amz-id-2: 3m4ozmImbbsGQiBonJe2XNc09km3KzQwD5GLrrMfV0+ONLQL25HRbUvJOO3vSD+p9niYdM2EFtY=
x-served-by: cache-lax8638-LAX, cache-hhn4059-HHN
last-modified: Thu, 20 Oct 2016 17:48:07 GMT
server: AmazonS3
x-timer: S1568342626.199621,VS0,VE0
date: Fri, 13 Sep 2019 02:43:46 GMT
vary: Accept-Encoding,,
x-amz-request-id: 45D2E8320DAF3E82
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: binary/octet-stream
x-cache-hits: 1, 1

GET
H2 200 impl.20190911-24-RELEASE.js Show response
cdn.taboola.com/libtrc/ 393 KB
111 KB 7ms
7ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Blzyav7I7Fqr90naydKIw6WeS8AJ8pk2
content-encoding: gzip
etag: "46435c29fa55e5bb182a8089f8899af1"
age: 52
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 113770
x-amz-id-2: TpwWJhvTI2hPC4MqvfN6kcPHT+HJbADzqUA74zo+2QRKfb2VA14qMvLQnsDazZSdOLTYf5jCbYo=
x-served-by: cache-hhn4045-HHN
last-modified: Wed, 11 Sep 2019 13:41:59 GMT
server: AmazonS3
x-timer: S1568342626.177332,VS0,VE0
date: Fri, 13 Sep 2019 02:43:46 GMT
vary: Accept-Encoding
x-amz-request-id: F64D595A7D85A57A
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 72
x-cache-hits: 92

GET
H2 200 309391486091569 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/309391486091569?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d44c1c3b519cd0b390eb41352d8f3e522e4ed7eac8bc5cf475638985a9c4af16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79752
x-xss-protection: 0
pragma: public
x-fb-debug: bW+H9/UwzPlDYvv8/wEAPhJLgX3WxNFI6B0bMLAowrgCafaabW7Re4ncqSKYd82HMnvu88uhHB5NpTe04o5cOw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 02:43:46 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1036174608/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&guid=ON&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YgJ7XZuwDdSBgQ...
https://www.google.com/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360
https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360&ipr=y

42 B
110 B

21ms
21ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1036174608/?label=pXjaCJ6m6gcQkIqL7gM&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2088525817&crd=&is_vtc=1&random=2241193360&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
ad.yieldmanager.com/ 0
341 B 358ms
117ms Image
text/plain 2001:4998:58:4904::7000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldmanager.com/pixel?id=2447099&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4998:58:4904::7000 , United States, ASN26101 (YAHOO-3 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK s
pixel.everesttech.net/4083/ 128 B
716 B 18ms
13ms Image
image/png 66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/4083/s?s=12969
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "1433c2-80-53f3f17013d40"
Vary: Cookie
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=15, max=997573
Content-Length: 128

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 78 KB
27 KB 22ms
21ms Script
text/javascript 2606:4700::6810:a00d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1489733
cf-ray: 5156c685db9e59fa-VIE
status: 200
content-length: 27531
x-amz-id-2: eDK221dk774em4I6DMckLF57cozzz5yxbbsqbNOpYqfEO21OTmL1ZPH68Dxg4rRcOhYmJd75OLE=
last-modified: Mon, 29 Jul 2019 20:54:38 GMT
server: cloudflare
etag: "bdefbb6abea5b94d18f16f50ec3ebaae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CFF6D417906FF967
cache-control: public, max-age=1800
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2019 03:13:46 GMT

GET
H/1.1 200
OK 0.6227106103112333
saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/ 43 B
519 B 103ms
97ms Image
image/gif 3.212.241.161
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saa.cbsi.com/b/ss/cbsib2bleadgen/1/G.4--NS/0.6227106103112333?AQB=1&ce=UTF%2D8&events=event66&v0=ftag_cd:LGN22ef1e6&v2=en&v3=desktop&v4=right-rail&v5=zdnet&v10=article&v20=simjacker+attack+exploited+in+the+wild+to+track+users+for+at+least+two+years&v22=content_article&v23=&v24=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&v30=81519379-5999-445f-9b22-a4fd17b255ab&v60=33165532,33165277,33167549&v64=2150&v69=&c0=D%3Dv0&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c5=D%3Dv5&c10=D%3Dv10&c20=D%3Dv20&c22=D%3Dv22&c23=D%3Dv23&c24=D%3Dv24&c30=D%3Dv30&c60=D%3Dv60&c64=D%3Dv64&c69=D%3Dv69&pe=lnk_o&pev2=medusa_impression&vid=201909132-leadgen-zdnet&mid=90240133173074011141898988208131324462&aid=2D535D450507F28B-40000106A0001145&AQE=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.241.161 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-212-241-161.compute-1.amazonaws.com
Software: Omniture DC /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Last-Modified: Sat, 14 Sep 2019 02:43:46 GMT
Server: Omniture DC
xserver: www77
ETag: "3367990143883182080-6776766979053296164"
Vary: *
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 12 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK e.gif
dw.cbsi.com/levt/ria/ 43 B
369 B 156ms
155ms Image
image/gif 64.30.230.22
CBS Interactive Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dw.cbsi.com/levt/ria/e.gif?rsid=cnetzdnetglobalsite&sid=2&siteid=2&pagetype=article&assetguid=81519379-5999-445f-9b22-a4fd17b255ab&assettitle=simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years&assettype=content_article&pubdate=2019-09-12%2013%3A30%3A00&viewguid=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&devicetype=desktop&sitetype=responsive%20web&author=catalin%20cimpanu&authorid=85fd8691-f525-4ea2-a601-af296f629f7f&topicguid=113c25b6-ec91-11e3-95d2-02911863765e&topic=security&topicbrcrm=security&s8=cnetzdnetglobalsite&v23=cnetzdnetglobalsite&v19=article&v17=113c25b6-ec91-11e3-95d2-02911863765e&v20=81519379-5999-445f-9b22-a4fd17b255ab&v16=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&riaevent=impression&comptyp=spot&mapp=medusa_app&objtyp=medusa&eventt=log&v18=security&comp=ucwc&ts=1568342626218&tcset=utf8&im=dsjs&title=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&srcurl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.30.230.22 Fremont, United States, ASN6623 (CBSI-1 - CBS Interactive Inc., US),
Reverse DNS: phx2-dw-cbsi-xw-ext-lb.cnet.com
Software: Apache/2.4.25 /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: Apache/2.4.25
Vary: *
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate, no-transform
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=80, max=689
Content-Length: 43
Expires: Fri, 23 Jan 1970 12:12:12 GMT

GET
H/1.1 200
OK count.js Show response
zdnet-1.disqus.com/ 1 KB
1 KB 32ms
8ms Script
application/javascript 151.101.12.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet-1.disqus.com/count.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2365389
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 15 Aug 2019 20:14:29 GMT
Server: nginx
ETag: "5d55bd25-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Expires: Sun, 15 Sep 2019 17:40:37 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 10ms
7ms Image
text/plain 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1568342626274&ns_c=UTF-8&cv=3.1&c8=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&c7=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id: 420120009
pragma: public
x-fb-debug: lrSMFewDYBoa9X18mPwB5HY+XKlpqQIW1mDsWkCF2IuAn4UOnx8zVHom4CbsIr3fUwWBJYgLCapR6UG0iWsK1w==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Fri, 13 Sep 2019 02:43:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
vary: Accept-Encoding
content-length: 10218
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bcn
www.summerhamster.com/ 43 B
181 B 40ms
7ms Image
image/gif 35.157.160.140
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1568342626310&y=2.0.1105&elg=189264924&flg=68&x=zzz.cgqhw.frp%2Fduwlfoh%2Fqhz-vlpmdfnhu-dwwdfn-hasorlwhg-lq-wkh-zlog-wr-wudfn-xvhuv-iru-dw-ohdvw-wzr-bhduv%2F&vqwo=1&deo=0&g0=vg%3A%3Aer%2Cxd%3A%3Aqexd%3A%3Aqsu%7Cvg%3A%3Ask%3A%3Aqsk%3A%3Aqsu%7Cgisl%3A%3Alp%2Clqi%2Cqh%3A%3Aqoe%3A%3Aqsu%3A%3Axuo%3D%2F%2Fdg.grxeohfolfn.qhw%2Fggp%2Fdg%2Fkuprkfyeg%2Fnevem%2Fmnxrsmqgm%2Frcdrc%2Fyt%2F%3Brug%3D1568342624276%3F%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.sodlqDg%7Cddg%2Cjdg%3A%3Aho%2Ckl%2Cklg%2Clqi%3A%3Aqhk%3A%3Aqsu%3A%3Avho%3D.des_re_halvw%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Cdg%3A%3Adu%2Cklg%2Cvv%3A%3Aqvvs%3A%3Aqsu%7Csu%3A%3Aid%3A%3Aquiv%3A%3Aqsu&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.160.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-160-140.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 13 Sep 2019 02:43:46 GMT
server: Jetty(9.2.10.v20150310)
access-control-allow-origin: *
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H2 200 pmk-201618008.1.js Show response
widget.perfectmarket.com/cbsinteractive-zdnet/ 323 KB
89 KB 7ms
7ms Script
text/javascript 151.101.113.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f72e8df44e82a8066b16ca8ab2d59f8f9ef21fa52c07d8554972f48b5105f13

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: bVoOWfmxkMrYwv2s6Uu9D96fE._5IBqu
content-encoding: gzip
etag: "da73fb2066df9f51d08b6688cfb35441"
age: 28047040
x-cache: HIT, HIT
status: 200
content-length: 91236
x-amz-id-2: T2A7wWXMDNgx2Z35EWhae8i8jDSVEo/Aqmbmta3HbEBKVMhwoZJKjGQuEf/CaAEiaINfKwR6uJs=
x-served-by: cache-lax8632-LAX, cache-hhn4059-HHN
last-modified: Thu, 20 Oct 2016 17:47:53 GMT
server: AmazonS3
x-timer: S1568342626.327165,VS0,VE0
date: Fri, 13 Sep 2019 02:43:46 GMT
vary: Accept-Encoding,,
x-amz-request-id: 58FF20717A687DE4
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 1694, 7

GET
H/1.1 200
OK count-data.js Show response
zdnet-1.disqus.com/ 243 B
769 B 8ms
7ms Script
application/javascript 151.101.12.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet-1.disqus.com/count-data.js?1=81519379-5999-445f-9b22-a4fd17b255ab

Requested by

Host: zdnet-1.disqus.com
URL: https://zdnet-1.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

b89c96a0ef0b0d7c846fd4370f17a48fd0dd73383e00104d68eefad4b717526c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Age: 2513
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 205
X-XSS-Protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
311 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=309391486091569&ev=PageView&dl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&rl=&if=false&ts=1568342626340&sw=1600&sh=1200&v=2.9.4&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1568342626338.1508913271&it=1568342626181&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 02:43:46 GMT

POST
H/1.1 204
No Content /
5f651e70.akstat.io/ 0
354 B 61ms
45ms Other
image/gif 104.111.214.229
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://5f651e70.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.214.229 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-214-229.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 13
date: Fri, 13 Sep 2019 02:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 13 Sep 2019 04:43:33 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 11ms
10ms Script
application/x-javascript 2.19.43.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-43-224.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Sat, 14 Sep 2019 02:43:46 GMT

GET
H2 404 tboptevent.html
widget.perfectmarket.com/opt/ Frame 6F5A 0
0 8ms
6ms Document
text/plain 151.101.113.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: widget.perfectmarket.com
:scheme: https
:path: /opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22a%22%3A1%7D%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 404
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Fri, 13 Sep 2019 02:43:46 GMT
via: 1.1 varnish
x-served-by: cache-hhn4059-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1568342626.424518,VS0,VE0
content-length: 0

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 42 B
487 B 32ms
32ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ccb75ab271796d1d6c7fd5cc0ab5045bf6610134558de5687e81e7bdaf11ef94

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7197 0
75 B 19ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJGXLz4YqSWAP_0qbBMeKci3QKRVnZDvJWpXAl1X7tJeTPrZpoxRMsPZHbhhaXozICZJjII717_peKco6dYxji1s0sI7OWulwy922hp8F-VWBSRSD4UuBDlOQv1bDoKt5Gz30E3jQPcVxfofnI2w6JlKh9Dmt5JWeiBwJh9F2ayx4wzdW95J8fxBrnQBGJlvndnTC_qwBbr1wbm9YNLTQ5ndqwwCtxcvlKybSuuPIKKyOlcH4MmsKihYjefqaJJ287v1mi0541&sig=Cg0ArKJSzH0E5oAD_CTkEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7197 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 7197 307 KB
103 KB 42ms
14ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019090501.js?21064570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 5FF1 0
57 B 19ms
17ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOKITodHpwJV8lTgg5llYB4rzY5VvQBolJ5akLAg22n7Fd7pczz7A5XC8iz5gpdWB3EcoPjlP85Lg2JMGsq6EPGtfah1o8nCpq1ec-cOQN4JYgGvbnuVtip_Wy4r0z5bnayWwzcYPJiC-SwS0D8x47mRhbfS44_Kxm7WPepwNyexHjtzp8huw5ZPQKK6kpqYv0EKmY96_qfcHLm0JkuLgwoXzux49K-_6uNlhlSqNOE_Y5nzuq3Sajepvh0-DJf37TI5o&sig=Cg0ArKJSzCEnINXSn8hBEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 5FF1 26 KB
8 KB 28ms
7ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11803
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 13 Sep 2019 06:00:29 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FF1 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 5FF1 307 KB
103 KB 33ms
12ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4F3D 0
57 B 19ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqw1hhJpwOBcl8KjxURKGVphybNB7Sr4mZdA_2IaLGPWDe0wQYz0qJsGQJ9YwGxRwtvDm3Xbm9W_Cnzn7sngzvfmDXXSiVI7feskro0IrBDGGtdH9rAAc9GOdgM1PVcp9Jufw_cpHJtoiaZmzo6d0Ssf92dtAQTMENbiD-rMyYNEJXNt25BQVNCH5g7Bsg4jOU-669eBlD6iRFaitl98p_4PAMBfyj392mlvDq66-t1OfcAeY16y8EdWirLDUPQuxHttA&sig=Cg0ArKJSzD0uD99OsIJ0EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 4F3D 26 KB
8 KB 23ms
7ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11803
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 13 Sep 2019 06:00:29 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F3D 75 KB
28 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 4F3D 307 KB
103 KB 29ms
8ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 3075 0
57 B 18ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRDbz2Z4wTIyhOijReRc9vVNZw7pyqd7b3n_CBT2V6vMnEdlqMDW-XOaMt4KHhGxG0shlGKNYdxmJgsDmIydryNhtpNlL414TLo9kWkT1Q-mSTdAGFkO0WuBDFsAnpqNUbY8q7odzeDnR_Zn-SfmFI8kz50iHhxscMD0gHDhXz5tWEcM6ONl5kHcXm6eW1PQZmof5ErGJoqfKdFQ6EIsSAwH98QSZSi0f1KLuAUMkJlVWXn1JPLsQDuZi5xW-s21atWMQZuoLV&sig=Cg0ArKJSzGHbc0p5P3zjEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3075 75 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 3075 307 KB
103 KB 27ms
12ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
219 B 18ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=7x7%7C5x5&w=5&h=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame CAEB 0
57 B 21ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIvzLXbN_PWzWVPVDgG8x7fUEXUiKQWLKRsRVChPM2Fn4WrqU1P-MzRx9QOaf0UpP-aMDFdhInjFBP2OiE_LCkY-pRuwHnPZ7Tq5NIuKKuLG1q7n3hlixq4aHICpZYvsb8ezMfQFH76_Lg5cmR_XyFcfwrpU7cHifnNzAwpiEKnIaUMJQ_Bo_PbIwV3glsyy1HXgdeAMbnZpuI-F60iN7BNI7DCuaz-GFE12D06lLZz8gVOldISiuLSn70KnD3aCYYZKw&sig=Cg0ArKJSzHr0myPoJfwSEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame CAEB 26 KB
8 KB 10ms
7ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11803
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 13 Sep 2019 06:00:29 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAEB 75 KB
28 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame CAEB 307 KB
103 KB 8ms
7ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 57E7 0
57 B 38ms
37ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaKFfJbwmSZ6_59j9nODBKW9jdwaskYMP3W6vuG3_PprgoybqO2FIwtGGJbDfj31e_MZR0679OOR6NtUjrOAkO5BfvP2ZYgYYR2McDBCIEYSs3UY5wgv_VoTSgknco4vcPDoExFto7hLMAI5uGJVwl0YOYrUuJfQwEtVMzHb1dUExoqGvZAPK1SVIy9UQQOxivFSBk66d-LpPZ3S-eVi1vHogMhNQm2wyMV3TuUnu4FWEz1jjovn11JSRPVMmKTo7grLo&sig=Cg0ArKJSzFW2wLV7aypaEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 57E7 26 KB
8 KB 9ms
8ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11803
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 13 Sep 2019 06:00:29 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57E7 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 57E7 307 KB
103 KB 8ms
7ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 8905 0
57 B 31ms
30ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkEtGiquCL6sYUmpSBybLbmZwWIbeae3xERFQjNRGMZbc3O0b2jB6g4AUFuyT-psE-HuyKSeJSJL3jLvtn0iJXlAqAnGcTLqCJ8Jg9zmbT0GEsGpQZmopKPZ3IB27ZhhOfwUMQi2lLIC2r9ff8v0UkZ-EVuCurCUnIl6gd89InbpBzoaXDXIh9keGpaBmBv1y4o0WnWR3lUng0bdAixz_NPqp9OGbHt-AY7CR-YnIEyuuetnqipiniiM8E7YC5TtPTYjEWIu0I&sig=Cg0ArKJSzD-rGvsevFONEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8905 75 KB
28 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 8905 307 KB
103 KB 8ms
7ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 9807 0
57 B 25ms
23ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKb7Fy3423z9nhSVnJN1NxigQZzlEjJQiKcEQTgjKnWyp4Dh9P6zNudMH_pYcGrP03bUvc2YfaNOs1Jam2WYjV7odobBTE4Nf3w_sz8tx7uSENDeSCp6vpRAWlBlpYy-RjJhWq7swNEMKn081vJGvsDvT_DorXO6OIcXIbNMQcVVFAOdRrewUWHBbzETSRdVDF8szdQutLD3UFki4L07GSzZjKFObYpHt-AqWCNgOkRMWGEJayg_ixTI9VH99eoUqggJk&sig=Cg0ArKJSzNVHx3ZoRFeaEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 9818.js Show response
ads.rubiconproject.com/ad/ Frame 9807 26 KB
8 KB 25ms
24ms Script
text/javascript 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/9818.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=11803
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 13 Sep 2019 06:00:29 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9807 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 9807 307 KB
103 KB 24ms
24ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 8EAE 0
48 B 26ms
20ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbOGWRLrj6teRRvdKJ9mjgzNp6FJ7KUKCisD71ItKi_TivRKkvg0Tzshx69KJz3QQR4RiQ7QHZwvoUNTxNbNHx-Jbe5gpzzyGY4l8aupbcNb9sQ6tuyPr3l4vERY9p0Nj0QU7O_zL9F9FVbQuG74DDCTshzIjM4PRQQJARbwQqBoqSVUD2BYQ28bH1vyXCJeGwrgeoSFNdj01ZXNQuZTeydlNP1v_Y2S151nveIGsBehDSZV9_xrXI1b4955tkhw15GmB9GXkY&sig=Cg0ArKJSzI9X4ACcQkinEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 adKit.min.js Show response
rev.cbsi.com/common/js/ Frame 8EAE 6 KB
2 KB 146ms
8ms Script
application/x-javascript 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?402443615
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-143.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
last-modified: Mon, 13 May 2019 18:29:20 GMT
server: Apache
etag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EAE 75 KB
28 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 8EAE 307 KB
103 KB 13ms
10ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019090501.js?21064570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35679
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 21ms
16ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=371x771&w=371&h=771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 283812-2.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 5FF1 2 KB
1 KB 68ms
46ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.40231648679955856&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 5a23d866a0a92019445c029e63c85fb38129d46906a233ac3717b7b4723c48a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=479
Content-Length: 916
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 15ms
15ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1493840228&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&ul=en-us&de=UTF-8&dt=Simjacker%20attack%20exploited%20in%20the%20wild%20to%20track%20users%20for%20at%20least%20two%20years%20%7C%20ZDNet&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1597492170&gjid=484875157&cid=683431924.1568342626&tid=UA-33613588-22&_gid=122785249.1568342627&_r=1&cd2=other&z=1120892689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 4F3D 2 KB
1 KB 88ms
68ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.3632032407647896&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: e9477ef3a34ac7652848339f8be0e4a768a5a6b74e262cad49ae19fcd5dca953

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=487
Content-Length: 917
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame CAEB 2 KB
1 KB 96ms
74ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.80315481918359&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 85627f2dfac9c36fad3f8a259bf6ae0e666c73680ceaa1038e77dbe32d7aa842

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=455
Content-Length: 915
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-15.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 57E7 198 B
586 B 78ms
58ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.7279821225013345&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: f2d633bd5d83931f8bb0ad151a91040741c390bcd8345ee0fadb801d836c2157

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=466
Content-Length: 198
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 283812-2.js Show response
optimized-by.rubiconproject.com/a/9818/59604/ Frame 9807 2 KB
1 KB 67ms
44ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.5402605937251763&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/9818.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 20d0cfa10aa539f7d83866f4cf482710381e1ddf7f61f5fcd0f40b20803dd005

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=496
Content-Length: 916
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ Frame 7197 26 KB
12 KB 35ms
35ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1382019
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Sep 2019 09:24:26 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=24039
Connection: keep-alive
Content-Length: 11933
Expires: Fri, 13 Sep 2019 09:24:26 GMT

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 7197 106 B
364 B 95ms
24ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626679&de=791825612073&m=0&ar=ab397f9-clean&q=2&cb=0&ym=0&cu=1568342626679&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138245072116&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=642654993&cs=0&callback=MoatSuperV26.gna459659
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d6f3e8336a6fdec809ec2a383164b41cf26e92063d724ef6531c40d42a54f114

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "5d1d5f43dc2dc6e38520bffbfe3dc0a037170dfe"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 106

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ 104 B
362 B 97ms
26ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626679&de=791825612073&m=0&ar=ab397f9-clean&q=3&cb=0&ym=0&cu=1568342626679&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745699004%3A138245072116&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=2137722098&cs=0&callback=MoatDataJsonpRequest
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 3dbdd179f27738c4c342d0c5ac068becbaa67f3ec94e6d5d72603d9d47b12091

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "3dcccced3230d6e3b0dbd49000904ff8e8c901c4"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 104

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 3075 107 B
365 B 82ms
24ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=23&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626756&de=605861979414&m=0&ar=ab397f9-clean&q=7&cb=0&ym=0&cu=1568342626756&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745189935%3A138239344181&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1019480901&cs=0&callback=MoatSuperV26.gna754118
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e1ac4419469703e327199779a0b1b5079a174a50da64377731ac6b1dee03391d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "0f95e60db4557264b0267453bc4e703a0f57d233"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 107

GET
H2 404 tboptevent.html
widget.perfectmarket.com/opt/ Frame DADC 0
0 6ms
6ms Document
text/plain 151.101.113.181
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cbsinteractive-zdnet/pmk-201618008.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

:method: GET
:authority: widget.perfectmarket.com
:scheme: https
:path: /opt/tboptevent.html?v=2&a=u&d=%7B%22stp%22%3A%7B%22v%22%3A1%7D%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 404
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Fri, 13 Sep 2019 02:43:46 GMT
via: 1.1 varnish
x-served-by: cache-hhn4059-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1568342627.810566,VS0,VE0
content-length: 0

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 8905 107 B
365 B 24ms
23ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626812&de=678283611382&m=0&ar=ab397f9-clean&q=12&cb=0&ym=0&cu=1568342626812&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745327422%3A138239368367&zMoatPS=top&zMoatPT=article&zMoatW=641&zMoatH=321&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=641x321&zMoatSZPS=641x321%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=615448561&cs=0&callback=MoatSuperV26.gna786714
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 78ca9ca8d323bac1940622f147a59695e8f1936e26b69fe72c162525b4e414bf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "9d77b5ea7eefbc209a9313840122bbf6d4eb247f"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 107

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5FF1 67 KB
25 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.40231648679955856&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

91f05f0556fabe27de8aa0b613b44b8d4b9a691fe7713b7eecafe34bd03848df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 25845
x-xss-protection: 0
server: cafe
etag: 13217402123377493596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK 8e8a0c43-3023-4862-a4a5-389dd1e15cd2
beacon-eu2.rubiconproject.com/beacon/d/ Frame 5FF1 43 B
268 B 36ms
13ms Image
image/webp 69.173.144.153
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/8e8a0c43-3023-4862-a4a5-389dd1e15cd2?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=2&e=6A1E40E384DA563BAA4E6B99B2B819295293718687D1D8FB76932C1C7397BE8A9165CE5BC4D7ED093C32773B9C69621D172DB22D3B21A9B541B559A5A161340D197AA853A35CDC1E3570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCF642D416F444AD77F83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4F3D 67 KB
25 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.3632032407647896&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

91f05f0556fabe27de8aa0b613b44b8d4b9a691fe7713b7eecafe34bd03848df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 25845
x-xss-protection: 0
server: cafe
etag: 13217402123377493596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK 2d0b070b-d51c-4db0-9998-436012c596a0
beacon-eu2.rubiconproject.com/beacon/d/ Frame 4F3D 43 B
268 B 29ms
8ms Image
image/webp 69.173.144.153
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/2d0b070b-d51c-4db0-9998-436012c596a0?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=15&e=6A1E40E384DA563B1FA8371FB0D609E792899E5D8D38004D002E975A74082D08F59ED628D558136D9FFB536A630A591D172DB22D3B21A9B5D5B75F69B49B3929197AA853A35CDC1E3570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCF642D416F444AD77F83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8EAE 40 KB
12 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?402443615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "277 / 52 of 1000 / last-modified: 1568323734"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12668
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9807 67 KB
25 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-2.js?&cb=0.5402605937251763&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_2&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

91f05f0556fabe27de8aa0b613b44b8d4b9a691fe7713b7eecafe34bd03848df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 25845
x-xss-protection: 0
server: cafe
etag: 13217402123377493596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK d7b01582-c4f1-42c3-8237-8bcfee017d8a
beacon-eu2.rubiconproject.com/beacon/d/ Frame 9807 43 B
268 B 41ms
12ms Image
image/webp 69.173.144.153
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/d7b01582-c4f1-42c3-8237-8bcfee017d8a?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=2&e=6A1E40E384DA563B84D7E1983B94530631E2C95F84A3207E5FFCBFFCCEF193658199F42F90DFF86D4AC55D48CD1AFA30172DB22D3B21A9B57B66E4144C0B112B197AA853A35CDC1E3570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCF5DCAA7F77662793E83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK 15.jpg
secure-assets.rubiconproject.com/static/psa/de/ Frame 57E7 8 KB
7 KB 40ms
11ms Image
image/jpeg 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-assets.rubiconproject.com/static/psa/de/15.jpg
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 437a944207b3710f33a5ccd0afc47993219e69b7b5309a928049511e04b49cd8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jul 2019 17:48:44 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7106

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CAEB 67 KB
25 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/9818/59604/283812-15.js?&cb=0.80315481918359&tk_st=1&rf=https%3A//www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/&rp_s=c&p_pos=btf&p_screen_res=1600x1200&ad_slot=59604_15&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

91f05f0556fabe27de8aa0b613b44b8d4b9a691fe7713b7eecafe34bd03848df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 25845
x-xss-protection: 0
server: cafe
etag: 13217402123377493596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK 4c1171de-f8e1-4707-9d42-f712f6293201
beacon-eu2.rubiconproject.com/beacon/d/ Frame CAEB 43 B
268 B 41ms
12ms Image
image/webp 69.173.144.153
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/4c1171de-f8e1-4707-9d42-f712f6293201?oo=51&accountId=9818&siteId=59604&zoneId=283812&sizeId=15&e=6A1E40E384DA563BFD86DFBBBB78233811097138853E6926B42F80C241A8B4E71FB51C7511F7F8280D8F45AD92AE205A172DB22D3B21A9B54461283FAD12E8A0197AA853A35CDC1E3570ECD3831C9446AC237D6FA0EBFC9A6240B348FC26EBCF642D416F444AD77F83009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.153 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Cache-Control: private, max-age=0, no-cache
Server: Rubicon Project
Content-Type: image/webp
Content-Length: 43
Expires: 01 Jan 1970 10:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame C122 0
0 14ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4918
pragma: no-cache
cache-control: no-cache
origin: https://www.zdnet.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Origin: https://www.zdnet.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.zdnet.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Fri, 13 Sep 2019 02:43:46 GMT

GET
DATA 200
OK truncated
/ Frame 57E7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b270b9cf7c73dfd11edd3beb2e12bfe3d7fc161499c5e3dbc8e61d29547804df

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 8EAE 107 B
365 B 31ms
25ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626885&de=569321527640&m=0&ar=ab397f9-clean&q=17&cb=0&ym=0&cu=1568342626885&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=2003058794&cs=0&callback=MoatSuperV26.gna627536
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 168858aa1c16b7c155653298551345485acf7545fcf5c4927b57f225fc40283e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "9a2585bb9b99cb942f9db7700fe23873f7a76d60"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 107

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 25ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626885&de=569321527640&m=0&ar=ab397f9-clean&q=19&cb=0&ym=0&cu=1568342626885&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1444501143&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:46 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H/1.1 200
OK n.js Show response
geo.moatads.com/ Frame 57E7 105 B
363 B 26ms
25ms Script
text/html 35.176.50.209
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=31&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342626905&de=458152022990&m=0&ar=ab397f9-clean&q=22&cb=0&ym=0&cu=1568342626905&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A253246569%3A138271735246&zMoatPS=bottom&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1985525001&cs=0&callback=MoatSuperV26.gna862008
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.50.209 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-176-50-209.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8f506e11f99030a455e7b3ecf1a137412f032d337a0a899feddf0ede8639dc02

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:46 GMT
Server: nginx
Etag: "17fb021927f3b55c94e9f15163d51de0a8d77e7b"
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=900
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 105

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5FF1 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5FF1 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 5FF1 222 KB
82 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 93BD 222 KB
82 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:46 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/ Frame 333D 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190911/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190911/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 12 Sep 2019 14:01:50 GMT
expires: Thu, 26 Sep 2019 14:01:50 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 45717
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame A459 0
0 26ms
7ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=14716
Expires: Fri, 13 Sep 2019 06:49:03 GMT
Date: Fri, 13 Sep 2019 02:43:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4F3D 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4F3D 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 4F3D 222 KB
82 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 71AB 222 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame A4DB 0
0 28ms
17ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=14716
Expires: Fri, 13 Sep 2019 06:49:03 GMT
Date: Fri, 13 Sep 2019 02:43:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame CAEB 109 B
171 B 24ms
24ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CAEB 109 B
171 B 25ms
25ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame CAEB 222 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js?cache=bust

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 4D4A 222 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js?cache=bust

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame D8C9 0
0 19ms
19ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=14716
Expires: Fri, 13 Sep 2019 06:49:03 GMT
Date: Fri, 13 Sep 2019 02:43:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9807 109 B
171 B 20ms
13ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9807 109 B
171 B 21ms
13ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 9807 222 KB
82 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/ Frame 9B72 222 KB
82 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 84018
x-xss-protection: 0
server: cafe
etag: 7346031692830552506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame CADB 0
0 9ms
8ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 11 Sep 2019 18:27:19 GMT
Content-Encoding: gzip
Content-Length: 7614
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=14716
Expires: Fri, 13 Sep 2019 06:49:03 GMT
Date: Fri, 13 Sep 2019 02:43:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7197 49 KB
19 KB 8ms
6ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8EAE 109 B
171 B 17ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8EAE 109 B
171 B 19ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8EAE 158 KB
58 KB 19ms
16ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
DATA 200
OK truncated
/ Frame 5FF1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 733dd6689e690b8ce89ef66b8e08a69867d54179f34f79ed5c69d1b88b2f2622

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4F3D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7153746b76e7d26f36afe41d0791f23ce52e0a260a7c91923b9d9df18b3262d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CAEB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6290cd1791503d91f6fdafcd3e81025b21034d8e081720074006f2c1ccd059c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9807 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e648b2b9970940763e056a37a317bf3ee2c136528ebbc25f8b62dacc15f41c9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 32ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=4&fi=1&apd=7&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75374362809&S1id=23605329&S2id=23619609&ord=1568342627159&r=970964775458&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 31ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=4&fi=1&apd=7&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75374362809&S1id=23605329&S2id=23619609&ord=1568342627159&r=970964775458&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 33ms
8ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=4&fi=1&apd=7&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75374362809&S1id=23605329&S2id=23619609&ord=1568342627159&r=970964775458&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 9ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568342627197&r=316120596677&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 9ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568342627197&r=316120596677&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 10ms
8ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568342627197&r=316120596677&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 3075 49 KB
19 KB 8ms
7ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8905 49 KB
19 KB 8ms
8ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1568342627219&r=24624269919&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=middle&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1568342627219&r=24624269919&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=middle&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271735246&S1id=23605329&S2id=23619609&ord=1568342626905&r=458152022990&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 9ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=276&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271735246&S1id=23605329&S2id=23619609&ord=1568342626905&r=458152022990&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=10&cm=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1568342627242&de=487627959232&m=0&ar=ab397f9-clean&q=40&cb=0&ym=0&cu=1568342627242&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25299489%3A251370729%3A253246569%3A138271463540&zMoatPS=bottom&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&qs=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&iq=na&tt=na&tu=&tp=&fs=170499&na=1134190576&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=7&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1568342627242&r=487627959232&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 8ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=7&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1568342627242&r=487627959232&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 79C7 0
0 98ms
97ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=3677162154&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342626964&bpp=38&bdt=516&fdt=304&idt=305&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=2&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=762429058&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=393&biw=1585&bih=1200&isw=728&ish=90&ifk=3455273320&scr_x=0&scr_y=0&eid=21060548%2C21064506&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.f6mwf7l1i49y&fsb=1&dtd=324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=3677162154&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342626964&bpp=38&bdt=516&fdt=304&idt=305&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=2&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=762429058&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=393&biw=1585&bih=1200&isw=728&ish=90&ifk=3455273320&scr_x=0&scr_y=0&eid=21060548%2C21064506&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.f6mwf7l1i49y&fsb=1&dtd=324
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Sep 2019 02:43:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Sep-2019 02:58:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Fri, 13 Sep 2019 02:43:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FF1 76 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8575 0
0 111ms
110ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=3677162153&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627005&bpp=17&bdt=547&fdt=301&idt=301&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=2041868166&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=513&biw=1585&bih=1200&isw=300&ish=250&ifk=2236649575&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.c4f1wy5xp0kw&fsb=1&dtd=306

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=3677162153&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627005&bpp=17&bdt=547&fdt=301&idt=301&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=2041868166&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=513&biw=1585&bih=1200&isw=300&ish=250&ifk=2236649575&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.c4f1wy5xp0kw&fsb=1&dtd=306
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Sep 2019 02:43:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Sep-2019 02:58:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Fri, 13 Sep 2019 02:43:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F3D 76 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 98F5 0
0 98ms
97ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=2269224024&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627023&bpp=15&bdt=512&fdt=299&idt=299&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=983154670&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=1473&biw=1585&bih=1200&isw=300&ish=250&ifk=3689125805&scr_x=0&scr_y=0&eid=20040008&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.1n89if653jet&fsb=1&dtd=311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js?cache=bust

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=250&slotname=8385808081&adk=418362401&adf=2269224024&w=300&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627023&bpp=15&bdt=512&fdt=299&idt=299&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=983154670&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1043&ady=1473&biw=1585&bih=1200&isw=300&ish=250&ifk=3689125805&scr_x=0&scr_y=0&eid=20040008&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=3832671437&ifi=1&uci=1.1n89if653jet&fsb=1&dtd=311
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Sep 2019 02:43:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Sep-2019 02:58:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Fri, 13 Sep 2019 02:43:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAEB 76 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js?cache=bust

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0C82 0
0 98ms
97ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=2269224029&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627039&bpp=23&bdt=507&fdt=324&idt=324&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=1681919322&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=6640&biw=1585&bih=1200&isw=728&ish=90&ifk=2200508717&scr_x=0&scr_y=0&eid=21064381&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.g08yl44mf2zl&fsb=1&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1991679624331369&output=html&h=90&slotname=3084619100&adk=2606246846&adf=2269224029&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&ea=0&flash=0&wgl=1&dt=1568342627039&bpp=23&bdt=507&fdt=324&idt=324&shv=r20190911&cbv=r20190131&saldr=sa&correlator=4591683405755&frm=23&ife=5&pv=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=1681919322&ga_fc=0&iag=3&icsg=10600&nhd=1&dssz=22&mdo=0&mso=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=6640&biw=1585&bih=1200&isw=728&ish=90&ifk=2200508717&scr_x=0&scr_y=0&eid=21064381&oid=3&rx=0&eae=2&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=20&bc=31&osw_key=4066913089&ifi=1&uci=1.g08yl44mf2zl&fsb=1&dtd=332
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 13 Sep 2019 02:43:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 13-Sep-2019 02:58:47 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
expires: Fri, 13 Sep 2019 02:43:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9807 76 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190911/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 json Show response
trc.taboola.com/cbsinteractive-zdnet/trc/3/ 12 KB
5 KB 177ms
174ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/trc/3/json?tim=04%3A43%3A47.405&lti=deflated&data=%7B%22id%22%3A461%2C%22ii%22%3A%22%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1568342627402%2C%22cv%22%3A%2220190911-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1585%2C%22dh%22%3A7085%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22ZDNETarticleDesktop%2FTablet-Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22ZDNETarticleDesktop%2FTablet-Below%20Article%20Thumbnails%22%2C%22cd%22%3A6524.6875%2C%22mw%22%3A770%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a35f745522fc2539f261b99908665ea8f66e7d709e0ba46e5afdc7984b61cb8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
server: nginx
x-timer: S1568342627.413386,VS0,VE167
status: 200
x-served-by: cache-hhn4045-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8EAE 29 KB
7 KB 77ms
77ms XHR
text/plain 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=200707541839589&correlator=2796047162733485&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&eid=21062751&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190913&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Da%26subses%3D6%26ptype%3Darticle%26vguid%3D6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64%7Cenv%3Dprod%26session%3Da%26subses%3D6%26ptype%3Darticle%26vguid%3D6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&cookie_enabled=1&cdm=www.zdnet.com&bc=31&lmt=1568342627&dt=1568342627432&dlt=1568342626538&idt=876&frm=23&biw=1585&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=5p1cjmneosh3%7Cpu9v1mg12fpk&ifi=1&ifk=2706604680&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&dssz=21&icsg=43552&std=0&rumc=2082250231917342&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&blev=1&bisch=1&ga_vid=683431924.1568342626&ga_sid=1568342627&ga_hid=1095002267&fws=384%2C384&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

4762eb86da06aa94957be34b5d2a4cd69d11a485cb0bcc938e6adc71a256cafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7135
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239468731,138239479696
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8EAE 66 KB
25 KB 15ms
15ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 8EAE 0
0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 57E7 49 KB
19 KB 7ms
6ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=305&fi=1&apd=308&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75374362809&S1id=23605329&S2id=23619609&ord=1568342627159&r=970964775458&t=hdn&os=1&fi2=0&div1=0&ait=151&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7197 0
200 B 460ms
229ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipg6t&chm=1&ctx=2&qqid=CPf76sjjzOQCFUaC3godlOAFZA&met.4=fb.3~lb.51~ol.eg~idt.-t~dt.-gg&met.3=197.51~123.4y_3~118.6h_1~118.8f~197.a2~118.aa~118.as~118.au~197.aw~118.b1~118.c1~118.ds~118.ee~117.eg~118.hc~118.hj~118.ks~118.mt~118.oz~118.p7~118.pi~113.q5_4~112.q4_5~118.sh&met.1=1.k0hipfgp~14.0~15.0~16.0~17.0~18.0~19.0~20.eg~21.eg&met.7=CCIQBBgBIAQoBDAXOBNoBHAXeEuwAQG4AQM~CCoQChgBIAQoBDAzOC4~CBsQCiAFODQ~CBsQCiD8ATgk~CBsQCiCeAjhg~CCgQChgBIPgEKPgEMIsFOBJo_ARwggV47pUBgAG6lAGIAdGEA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
15ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=569&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271735246&S1id=23605329&S2id=23619609&ord=1568342626905&r=458152022990&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 21ms
16ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=https%3A%2F%2Fbeacon-eu2.rubiconproject.com%2Fbeacon%2Fd%2Fd7b01582-c4f1-42c3-8237-8bcfee017d8a&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&cm=17&f=0&j=&t=1568342627242&de=487627959232&cu=1568342627242&m=17&ar=ab397f9-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7055&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=0&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7&cd=0&ah=7&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463540&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatSlotId=leader-plus-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-bottom-5d7af3cee0bcb&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=170499&na=558248867&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 14ms
14ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=281&fi=1&apd=283&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568342627197&r=316120596677&t=hdn&os=1&fi2=0&div1=0&ait=139&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=281&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463546&S1id=23605329&S2id=23619609&ord=1568342627219&r=24624269919&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=middle&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=261&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=138271463540&S1id=23605329&S2id=23619609&ord=1568342627242&r=487627959232&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8905 0
56 B 407ms
229ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipgah&chm=1&ctx=2&qqid=CP776sjjzOQCFUaC3godlOAFZA&met.4=fb.3~lb.69~ol.gi~idt.-34~dt.-ir&met.3=197.69~123.67_1~118.6v~118.7z~118.8h~118.8h~118.bh~118.c2~118.f2~117.gh~118.il~118.j8~118.ki~118.mo~118.mw~118.n7~118.q7~113.rh_1~112.rg_1~118.rr&met.1=1.k0hipfj0~14.1~15.0~16.1~17.1~18.1~19.1~20.gi~21.gi&met.7=CCIQBBgBIAQoBDAjOB9oBHAjeDmwAQG4AQM~CCoQChgBIAQoBDA1ODA~CBsQCiAFOCQ~CBsQCiCrAjgZ~CCgQChgBILUFKLUFML4FOAlotQVwvQV4gZUBgAG6lAGIAdGEA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3075 0
56 B 407ms
229ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipgaj&chm=1&ctx=2&qqid=CPv76sjjzOQCFUaC3godlOAFZA&met.4=fb.5~lb.5a~ol.i2~idt.-1k~dt.-h7&met.3=197.59~123.58_2~118.7p~118.8g~118.9e~118.a1~118.a4~118.d1~118.dn~118.gl~117.i2~118.k5~118.ks~118.m2~118.o9~118.oh~118.os~118.rr~113.t3_1~112.t3_1~118.tb&met.1=1.k0hipfhg~14.0~15.0~16.0~17.0~18.0~19.0~20.i1~21.i1&met.7=CCIQBBgBIAUoBTAYOBNoB3AYeDmwAQG4AQM~CCoQChgBIAYoBjAxOCs~CBsQCiAHOCg~CBsQCiCpAjhT~CCgQChgBIO0FKO0FMPUFOAho7gVw9QV4gZUBgAG6lAGIAdGEA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 704D 0
57 B 29ms
28ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKkLvfxkZl5SyeUTKhIvpm_i0yKIUZocatMGGUm91-9D9hc5ddNBaD6Rm1HQ7xWX7y7xk6U40T_1YQUy6Xwqm577mztS9y7I4euzJa2-LiLgqJfUzhk3FQsCImYGOwirpv41qcQjvE5Yf0GPfU2SoJjBK7LINFqzuNuE0qaQE0FIucyoNk_b7fLD41rUjl9s3YCQr7Gnq_ZCk4PMsLgSCnQCfbmXvEdjEJU7TCk97k1mPfKrDFqa1IPaeDhzCUyWSDT3Nt0t6c&sig=Cg0ArKJSzFn5V3ELZaB9EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 704D 75 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 704D 307 KB
103 KB 26ms
26ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35678
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 50B4 0
57 B 19ms
18ms Fetch
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvN3AmlvnkB87OyN8Pe2NwH5Q3glGkC2DMiBXKMpeIGyQexmFRKFCgCOOn_Ms2hSM1CFyUxjRlt9MQHDrNIBfvS2VKdRd2NEsmRlBh9ohoQ8VpIyR8_t9BYUJLLTH6hIOhAh7Jfiz9iBgd6vg0c74rCHqtjPfKkylU91cTK4qFGygJU6qMFCgEbrfbCKw4Y-HNurMxlMKvyfL6JhEJ2Wnp-Envd6Axtc4n0GH69skGMuklh_kFJzXflDzErh83el5E5c8-rAoap&sig=Cg0ArKJSzBx0YKhZVAsUEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Sep 2019 02:43:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50B4 75 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28564
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 50B4 307 KB
103 KB 12ms
12ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Aug 2019 14:24:12 GMT
Server: AmazonS3
x-amz-request-id: E0666504BD3BC5C0
ETag: "25556c1ffa69be6c7e1c3ae5e4fe3fb0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35678
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104539
x-amz-id-2: j3ST4nTUJtVQdALFxWJWN0r+yyWNfia0N3yoOrhXmvF4Gyo7xeTirTrgbpU0lvcAFtKUw3P1Azs=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EAE 76 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28408
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:47 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8EAE 49 KB
19 KB 7ms
7ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5FF1 49 KB
19 KB 8ms
7ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 57E7 0
56 B 266ms
230ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipgda&chm=1&ctx=2&qqid=CP376sjjzOQCFUaC3godlOAFZA&met.4=fb.3~lb.9a~ol.n6~idt.-2x~dt.-ik&met.3=197.99~123.97_2~118.bl~118.bo~116.cd~118.f9_1~115.gk~118.is~118.kp~118.mw~115.n0~118.n4~117.n6~118.nf~118.qe~118.qg~115.rf~118.rz~113.ui_1~112.uh_1~115.vy&met.1=1.k0hipfit~14.0~15.0~16.0~17.0~18.0~19.0~20.n6~21.n6~22.a4~23.a4&met.7=CCIQBBgBIAMoAzAqOCdoBXAqeDmwAQG4AQM~CBsQCiAEOAo~CCoQChgBIAQoBDAwOCw~CBsQCiAEOAs~CBsQCiCGAThP~CBsQBiDAAjgs~CBsQCiCKAzgb~CCgQChgBILwHKLwHMMQHOAhovQdwwwd4gZUBgAG6lAGIAdGEA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4F3D 49 KB
19 KB 7ms
6ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CAEB 49 KB
19 KB 7ms
7ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9807 49 KB
19 KB 7ms
6ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 200 userx.20190911-24-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 7ms
7ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20190911-24-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cbsinteractive-zdnet/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3240c7e00ccd21fbdd141f58cb238c68bb59180a35dfb79df8bbe57e0d13b0fc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FIROvmzvTvRsNpeDMFHG0FOuavH8QxIQ
content-encoding: gzip
etag: "0a4a3b57760282f54d71c05d1bf0b50c"
age: 24
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7736
x-amz-id-2: XFlx3p8weZn+wiUlEE8ZynhUsKgBYb3vtS/VZ2l7y0XScoPeK1ALn9QstYbSXoG1vTQ9pj+omb0=
x-served-by: cache-hhn4045-HHN
last-modified: Wed, 11 Sep 2019 13:42:26 GMT
server: AmazonS3
x-timer: S1568342628.728220,VS0,VE0
date: Fri, 13 Sep 2019 02:43:47 GMT
vary: Accept-Encoding
x-amz-request-id: 07DC2D26E0B4B9D3
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 19
x-cache-hits: 13

GET
H2 204 social
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
84 B 15ms
15ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/social?route=AM:AM:V&lti=deflated&ri=ffe8360ce3801e4a7007549c567296e5&sd=v2_5228073f3f3b3b4f72ee854b9d989ec1_55f135a2-3a3e-4e63-a53f-bc0440342407-tuct47487e3_1568342627_1568342627_CNawjgYQzro_GMqohcTSLSABKAEwODib4wlAiIoQSNLDE1Ci7BBYAWAA&pi=/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&wi=2008152405748312034&pt=text&vi=1568342627402&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-link%22%2C%22nm%22%3A%22twitter%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%22%22%2C%22img%22%3A%22%22%2C%22v%22%3A13%7D%5D%7D&tim=04%3A43%3A47.745&id=4114&llvl=1&cv=20190911-24-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568342628.749697,VS0,VE8
x-served-by: cache-hhn4045-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 social
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
54 B 16ms
15ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/social?route=AM:AM:V&lti=deflated&ri=ffe8360ce3801e4a7007549c567296e5&sd=v2_5228073f3f3b3b4f72ee854b9d989ec1_55f135a2-3a3e-4e63-a53f-bc0440342407-tuct47487e3_1568342627_1568342627_CNawjgYQzro_GMqohcTSLSABKAEwODib4wlAiIoQSNLDE1Ci7BBYAWAA&pi=/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&wi=2008152405748312034&pt=text&vi=1568342627402&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A362%2C%22ly%22%3A518%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-link%22%2C%22nm%22%3A%22twitter%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A670%2C%22ly%22%3A518%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=04%3A43%3A47.745&id=7486&llvl=1&cv=20190911-24-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568342628.749681,VS0,VE8
x-served-by: cache-hhn4045-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 available Show response
trc.taboola.com/cbsinteractive-zdnet/log/3/ 0
210 B 15ms
15ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cbsinteractive-zdnet/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1568342628.759098,VS0,VE9
x-served-by: cache-hhn4045-HHN
status: 204
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f28949636d88e64cd3d8349b6b45be1c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 19ms
16ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f28949636d88e64cd3d8349b6b45be1c.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1dbc90839e483d8473fe18c16e84f8e914ba4aabb9593731dc8627bdf71c3206

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1646338
edge-cache-tag: 410368660602727655533865371510165981642,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 02 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f28949636d88e64cd3d8349b6b45be1c.jpg
content-length: 5518
x-served-by: cache-hhn4028-HHN, cache-hhn4045-HHN
last-modified: Fri, 02 Aug 2019 15:25:07 GMT
server: cloudinary
x-timer: S1568342628.773135,VS0,VE0
etag: "166588960ba15f08ec7a34725bd2a8a2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 a037148b1ca3de50f4e272c9c54ba82d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 18ms
16ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a037148b1ca3de50f4e272c9c54ba82d.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 064e4b070732b6d0c8663256d4711972ce0d8132a2ec086b241f0749a9842230

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 292908
edge-cache-tag: 589805030052040552179876506708034560790,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 23 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a037148b1ca3de50f4e272c9c54ba82d.png
content-length: 7143
x-served-by: cache-hhn4031-HHN, cache-hhn4045-HHN
last-modified: Fri, 23 Aug 2019 23:28:46 GMT
server: cloudinary
x-timer: S1568342628.773146,VS0,VE0
etag: "8fe316bde170c7a3c14c097d29b93030"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 KW20_ingameisland_ingame_ff316672a2fbf3f8ab5360409fe4a726.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/093574ca-85f4-49e7-80e2-8679fc1fe545/ 21 KB
21 KB 19ms
17ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/093574ca-85f4-49e7-80e2-8679fc1fe545/KW20_ingameisland_ingame_ff316672a2fbf3f8ab5360409fe4a726.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: df73cffb2298c7b173d895534644b4d2d4e655aaf5d68091d7883074f88b091b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 198363
edge-cache-tag: 390165005269077496871220680582854045168,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 11 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/093574ca-85f4-49e7-80e2-8679fc1fe545/KW20_ingameisland_ingame_ff316672a2fbf3f8ab5360409fe4a726.jpg
content-length: 21008
x-served-by: cache-hhn4044-HHN, cache-hhn4045-HHN
last-modified: Tue, 10 Sep 2019 05:31:24 GMT
server: cloudinary
x-timer: S1568342628.773111,VS0,VE1
etag: "1149eb40d09bd7c4338ca3c510784d63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 858e1dc3-01fe-4850-9d05-ceabab3b0610.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/85/ 13 KB
14 KB 9ms
7ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/85/858e1dc3-01fe-4850-9d05-ceabab3b0610.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 64637990e162d4fd57542e2fb62be42c07b1816ea57f855479f792d8b455b1f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 267089
edge-cache-tag: 578728267465730981153963094995512969042,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 11 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/85/858e1dc3-01fe-4850-9d05-ceabab3b0610.jpg
content-length: 13676
x-served-by: cache-hhn4031-HHN, cache-hhn4045-HHN
last-modified: Tue, 10 Sep 2019 00:15:49 GMT
server: cloudinary
x-timer: S1568342628.773124,VS0,VE0
etag: "09360bc5e0ea394ca2e9994afc2f3d36"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 be4ccdda40f028e2402b32ae62a0a959.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
40 KB 17ms
15ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be4ccdda40f028e2402b32ae62a0a959.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ac5201cdd2f2cf19b3fe2e977b44687abf6be59d6352033d83945ebd357ebf97

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 311181
edge-cache-tag: 610474502868924271004251454401295826883,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 10 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be4ccdda40f028e2402b32ae62a0a959.png
content-length: 40944
x-served-by: cache-hhn4030-HHN, cache-hhn4045-HHN
last-modified: Mon, 09 Sep 2019 11:43:23 GMT
server: cloudinary
x-timer: S1568342628.773013,VS0,VE0
etag: "c11c1fb1e87398afce7d896b8a2afc29"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 83d51f9bf11ff7105034bef6a217f46a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 9ms
8ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83d51f9bf11ff7105034bef6a217f46a.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4b4e495cb409a6985aa01c06edbfbe3ac3dc394d4968b261bdc89805c5dadaf4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 721772
edge-cache-tag: 309852660451557698796032554456418452913,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 11 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83d51f9bf11ff7105034bef6a217f46a.jpg
content-length: 13457
x-served-by: cache-hhn4078-HHN, cache-hhn4045-HHN
last-modified: Sun, 11 Aug 2019 04:20:32 GMT
server: cloudinary
x-timer: S1568342628.773208,VS0,VE0
etag: "8994af56d1e99a2ee0475035bdfee712"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 c6a117150013a99593a2629d7d13e7a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 12ms
11ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6a117150013a99593a2629d7d13e7a3.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 992eabf96f21d124f7a7bd985cd5144f9b19c445c4382148648d3b9b86f547fc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1291915
edge-cache-tag: 421311435880060168849783478934269076725,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 13 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6a117150013a99593a2629d7d13e7a3.jpg
content-length: 11566
x-served-by: cache-hhn4063-HHN, cache-hhn4045-HHN
last-modified: Tue, 13 Aug 2019 10:09:03 GMT
server: cloudinary
x-timer: S1568342628.784017,VS0,VE0
etag: "65aa5c9020581fc776baa985e756c88d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 bb74d0f5cc2999b83d1863c65594169c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 11ms
10ms Image
image/jpeg 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb74d0f5cc2999b83d1863c65594169c.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fb9bbf5342908355d0bdbca3363b05677a3f86a1f093a997cae7003fcbedba1c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 2389634
edge-cache-tag: 402793698440801642861059936823203584908,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb74d0f5cc2999b83d1863c65594169c.jpg
content-length: 11482
x-request-id: b3e9c24772ba0951
x-served-by: cache-hhn4037-HHN, cache-hhn4045-HHN
last-modified: Thu, 15 Aug 2019 19:14:03 GMT
server: cloudinary
x-timer: S1568342628.784022,VS0,VE0
etag: "c5cffa836ffd4464c064a1265fe25f61"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

POST
H2 204 csi
csi.gstatic.com/ Frame 5FF1 0
56 B 229ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipghl&chm=1&ctx=2&qqid=CPn76sjjzOQCFUaC3godlOAFZA&met.4=fb.4~lb.ht~ol.wb~idt.-10~dt.-gn&met.3=298.u2~155.ty_6~154.wc~132.y0~132.y0~208.y4_1~143.y4_2~132.yc~132.yf~153.10l~113.10p_1~112.10p_2&met.1=1.k0hipfgw~14.0~15.0~16.0~17.0~18.0~19.0~20.wb~21.wc~22.jv~23.jv&met.7=CCIQBBgBIAQoBDAYOBRoB3AYeDmwAQG4AQM~CBsQCiAEOB4~CCoQChgBIAUoBTAyOC4~CBsQCiAFOCs~CBsQCiCVAThJ~CAIQChgBIP4CKP4CMJMDOBRo_wJwkAN4l8sBgAH1yQGIAaibBLABAbgBAw~CBsQBiD-Ajgl~CC8QBxgBII0EKI0EMJ4EOBJojwRwnQR4qwGAAWiIAW2wAQG4AQM~CC8QBxgBII0EKI0EMJ8EOBJojwRwngR4qwGAAWiIAW2wAQG4AQM~CAMQBxgBII4EKI4EMLQEOCZokARwqwR45pEFgAGykAWIAcHzDbABAbgBAw~CAwQBRgBIKoEKKoEMLQEOAlorQRwswR49DmAAek4iAHHhQGwAQG4AQM~CBsQBSCrBDgf~CCoQChgBIM0GKM0GMPgGOCs~CCgQChgBIMoJKMoJMNIJOAhoywlw0Ql4gZUBgAG6lAGIAdGEA7ABAbgBAw~CAUQBRgBIKUCKKUCMIkDOGNopwJwiAN45QGAAS6IAdsEoAGkBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F3D 0
56 B 228ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipgho&chm=1&ctx=2&qqid=CPr76sjjzOQCFUaC3godlOAFZA&met.4=fb.5~lb.ht~ol.xh~idt.-19~dt.-gw&met.3=298.vc~155.v4_b~154.xh~132.xx~132.xx~132.y3~132.ya~208.yg_1~143.yf_2~113.10j_1~112.10i_2~153.11d&met.1=1.k0hipfh5~14.1~15.1~16.1~17.1~18.1~19.1~20.xh~21.xi~22.jm~23.jm&met.7=CCIQBBgBIAUoBTAbOBVoCHAaeDmwAQG4AQM~CBsQCiAGOBs~CCoQChgBIAYoBjAyOCw~CBsQCiAHOC4~CBsQCiCbAThZ~CAIQChgBIPgCKPgCMJgDOCBo-QJwlAN4xMoBgAH1yQGIAaibBLABAbgBAw~CBsQBiD4Ajgf~CC8QBxgBIKcEKKcEMLYEOA9opwRwtQR4qwGAAWiIAW2wAQG4AQM~CC8QBxgBIKcEKKcEMLYEOA9opwRwtgR4qwGAAWiIAW2wAQG4AQM~CAMQBxgBIKcEKKcEMNYEOC5oqARwwAR415EFgAGykAWIAcHzDbABAbgBAw~CBsQBSC1BDgh~CCoQChgBINsGKNsGMIUHOCo~CCgQChgBIMYJKMYJMM0JOAdoxglwzQl4gZUBgAG6lAGIAdGEA7ABAbgBAw~CAUQBRgBIKgCKKgCMJkDOHBoqgJwmAN4xQGAAS6IAdsEoAGvBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame CAEB 0
56 B 228ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipghs&chm=1&ctx=2&qqid=CPz76sjjzOQCFUaC3godlOAFZA&met.4=fb.3~lb.gj~ol.w3~idt.-2p~dt.-ic&met.3=298.u9~155.u2_9~154.w4~132.wi~132.wj~132.wo~132.ww~208.y3_2~143.y3_2~113.z7_2~112.z6_2~153.zx&met.1=1.k0hipfil~14.1~15.1~16.1~17.1~18.1~19.1~20.w3~21.w4~22.i6~23.i6&met.7=CCIQBBgBIAMoAzAZOBZoB3AZeDmwAQG4AQM~CBsQCiAEOAs~CCoQChgBIAQoBDA1ODE~CBsQCiAEOAw~CBsQCiCLAThh~CAIQChgBIMgCKMgCMOUCOBxoyQJw4gJ4xMoBgAH1yQGIAaibBLABAbgBAw~CBsQBiDIAjgr~CC8QBxgBIIUEKIUEMJ4EOBlohQRwnQR4qwGAAWiIAW2wAQG4AQM~CC8QBxgBIIUEKIUEMKAEOBpohgRwnwR4qwGAAWiIAW2wAQG4AQM~CAMQBxgBIIYEKIYEMKoEOCRohgRwoQR4yZEFgAGykAWIAcHzDbABAbgBAw~CBsQBSCRBDgY~CCoQChgBIL4GKL4GMOgGOCs~CCgQChgBIJMJKJMJMJwJOAlolAlwmwl4gZUBgAG6lAGIAdGEA7ABAbgBAw~CAUQBRgBIK4CKK4CMJIDOGNosAJwkQN4xQGAAS6IAdsEoAGNBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9807 0
56 B 228ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipghv&chm=1&ctx=2&qqid=CP_76sjjzOQCFUaC3godlOAFZA&met.4=fb.3~lb.g9~ol.vk~idt.-3a~dt.-ix&met.3=298.tz~155.tt_8~154.vk~132.vz~132.vz~132.w4~132.wd~208.y7_2~143.y6_3~113.yp_2~112.yo_2~153.zc&met.1=1.k0hipfj6~14.1~15.1~16.1~17.1~18.1~19.1~20.vk~21.vk~22.jp~23.jp&met.7=CCIQBBgBIAQoBDAdOBloBnAdeDmwAQG4AQM~CBsQCiAEOB4~CCoQChgBIAQoBDAxOC0~CBsQCiAEOCE~CBsQCiB7OEQ~CAIQChgBILICKLICMM8COB1osgJwywJ4xMoBgAH1yQGIAaibBLABAbgBAw~CBsQBiCyAjgs~CC8QBxgBIIcEKIcEMKAEOBhokARwngR4qwGAAWiIAW2wAQG4AQM~CC8QBxgBIIgEKIgEMKEEOBlokARwoAR4qwGAAWiIAW2wAQG4AQM~CAMQBxgBIIgEKIgEMLEEOClojQRwpgR4yZEFgAGykAWIAcHzDbABAbgBAw~CBsQBSCWBDgP~CCoQChgBIM0GKM0GMPcGOCo~CCgQChgBIIAJKIAJMIgJOAhogQlwhwl4gZUBgAG6lAGIAdGEA7ABAbgBAw~CAUQBRgBILwCKLwCMJ8DOGRovgJwnwN4xQGAAS6IAdsEoAGPBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/85/858e1dc3-01fe-4850-9d05-ceabab3b0610.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 64637990e162d4fd57542e2fb62be42c07b1816ea57f855479f792d8b455b1f5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 267089
edge-cache-tag: 578728267465730981153963094995512969042,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 11 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/static/85/858e1dc3-01fe-4850-9d05-ceabab3b0610.jpg
content-length: 13676
x-served-by: cache-hhn4031-HHN, cache-hhn4045-HHN
last-modified: Tue, 10 Sep 2019 00:15:49 GMT
server: cloudinary
x-timer: S1568342628.836535,VS0,VE0
etag: "09360bc5e0ea394ca2e9994afc2f3d36"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83d51f9bf11ff7105034bef6a217f46a.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4b4e495cb409a6985aa01c06edbfbe3ac3dc394d4968b261bdc89805c5dadaf4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 721772
edge-cache-tag: 309852660451557698796032554456418452913,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 11 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83d51f9bf11ff7105034bef6a217f46a.jpg
content-length: 13457
x-served-by: cache-hhn4078-HHN, cache-hhn4045-HHN
last-modified: Sun, 11 Aug 2019 04:20:32 GMT
server: cloudinary
x-timer: S1568342628.836624,VS0,VE0
etag: "8994af56d1e99a2ee0475035bdfee712"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f28949636d88e64cd3d8349b6b45be1c.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1dbc90839e483d8473fe18c16e84f8e914ba4aabb9593731dc8627bdf71c3206

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1646338
edge-cache-tag: 410368660602727655533865371510165981642,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 02 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f28949636d88e64cd3d8349b6b45be1c.jpg
content-length: 5518
x-served-by: cache-hhn4028-HHN, cache-hhn4045-HHN
last-modified: Fri, 02 Aug 2019 15:25:07 GMT
server: cloudinary
x-timer: S1568342628.840977,VS0,VE0
etag: "166588960ba15f08ec7a34725bd2a8a2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a037148b1ca3de50f4e272c9c54ba82d.png
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 064e4b070732b6d0c8663256d4711972ce0d8132a2ec086b241f0749a9842230

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 292908
edge-cache-tag: 589805030052040552179876506708034560790,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 23 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a037148b1ca3de50f4e272c9c54ba82d.png
content-length: 7143
x-served-by: cache-hhn4031-HHN, cache-hhn4045-HHN
last-modified: Fri, 23 Aug 2019 23:28:46 GMT
server: cloudinary
x-timer: S1568342628.841090,VS0,VE0
etag: "8fe316bde170c7a3c14c097d29b93030"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/093574ca-85f4-49e7-80e2-8679fc1fe545/KW20_ingameisland_ingame_ff316672a2fbf3f8ab5360409fe4a726.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: df73cffb2298c7b173d895534644b4d2d4e655aaf5d68091d7883074f88b091b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 198363
edge-cache-tag: 390165005269077496871220680582854045168,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 11 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/093574ca-85f4-49e7-80e2-8679fc1fe545/KW20_ingameisland_ingame_ff316672a2fbf3f8ab5360409fe4a726.jpg
content-length: 21008
x-served-by: cache-hhn4044-HHN, cache-hhn4045-HHN
last-modified: Tue, 10 Sep 2019 05:31:24 GMT
server: cloudinary
x-timer: S1568342628.841083,VS0,VE0
etag: "1149eb40d09bd7c4338ca3c510784d63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be4ccdda40f028e2402b32ae62a0a959.png
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ac5201cdd2f2cf19b3fe2e977b44687abf6be59d6352033d83945ebd357ebf97

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 311181
edge-cache-tag: 610474502868924271004251454401295826883,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 10 Oct 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/be4ccdda40f028e2402b32ae62a0a959.png
content-length: 40944
x-served-by: cache-hhn4030-HHN, cache-hhn4045-HHN
last-modified: Mon, 09 Sep 2019 11:43:23 GMT
server: cloudinary
x-timer: S1568342628.841076,VS0,VE0
etag: "c11c1fb1e87398afce7d896b8a2afc29"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6a117150013a99593a2629d7d13e7a3.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 992eabf96f21d124f7a7bd985cd5144f9b19c445c4382148648d3b9b86f547fc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1291915
edge-cache-tag: 421311435880060168849783478934269076725,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 13 Sep 2019 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c6a117150013a99593a2629d7d13e7a3.jpg
content-length: 11566
x-served-by: cache-hhn4063-HHN, cache-hhn4045-HHN
last-modified: Tue, 13 Aug 2019 10:09:03 GMT
server: cloudinary
x-timer: S1568342628.844963,VS0,VE0
etag: "65aa5c9020581fc776baa985e756c88d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb74d0f5cc2999b83d1863c65594169c.jpg
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cloudinary /
Resource Hash: fb9bbf5342908355d0bdbca3363b05677a3f86a1f093a997cae7003fcbedba1c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 2389634
edge-cache-tag: 402793698440801642861059936823203584908,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bb74d0f5cc2999b83d1863c65594169c.jpg
content-length: 11482
x-request-id: b3e9c24772ba0951
x-served-by: cache-hhn4037-HHN, cache-hhn4045-HHN
last-modified: Thu, 15 Aug 2019 19:14:03 GMT
server: cloudinary
x-timer: S1568342628.844955,VS0,VE0
etag: "c5cffa836ffd4464c064a1265fe25f61"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
739 B 7ms
7ms Image
image/png 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20190911-24-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 11745
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4045-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1568342628.861460,VS0,VE0
date: Fri, 13 Sep 2019 02:43:47 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 19
x-cache-hits: 3844

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8EAE 49 KB
19 KB 9ms
8ms Script
text/javascript 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2012
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19002
x-xss-protection: 0
server: cafe
etag: 16639907700459338416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 03:10:15 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EAE 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.zdnet.com&pg_h=0&pg_w=371&c=0&aa_c=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EAE 0
58 B 14ms
13ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.zdnet.com&pg_h=0&pg_w=371&c=0&aa_c=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8EAE 0
56 B 229ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipgl9&c=2082250231917342&e=21062751%2C21064451&ctx=1&met.1=1.k0hipfje~14.0~15.0~16.0~17.0~18.0~19.0~20.10c~21.10d&met.3=113.11v_1~112.11t_3&qqid.1=CMGlyMnjzOQCFYM44Aod9zYLWQ&qqid.2=CMKlyMnjzOQCFYM44Aod9zYLWQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 61 B
740 B 33ms
32ms XHR
text/javascript 52.49.176.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.176.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-176-73.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: ff066c5f4a5b02fe75e2096dff69f95ae03c86e85e47a746543656cc0fd0ee3e

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:47 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 61
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=931&tet=1130&fi=1&apd=1133&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75374362809&S1id=23605329&S2id=23619609&ord=1568342627159&r=970964775458&t=iv&os=1&fi2=0&div1=1&ait=976&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:48 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:48 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 7ms
6ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=903&tet=1104&fi=1&apd=1106&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=25299489&L2id=251370729&L3id=253246569&L4id=75375443409&S1id=23605329&S2id=23619609&ord=1568342627197&r=316120596677&t=iv&os=1&fi2=0&div1=1&ait=962&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=0&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:48 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:48 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FF1 42 B
115 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-uKdpqZ0W-Ki9OkouVshMUs9m4UhKDlNCSe95NsfX6bHEDRYm1MU1p4Z4QZKT1SXAa0o3NFyrbbJq0VDmdwz_aKsVQ9zaTFzb5gENl4k&sig=Cg0ArKJSzEB3kUNGRFioEAE&adk=4244305695&tt=1768&bs=1585%2C1200&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&p=393,428.5,483,1156.5&mcvt=1065&rs=3&ht=0&tfs=717&tls=1782&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=12&niot_cbk=128&md=2&rst=1568342626453&rpt=701&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C7612&ss=1600%2C1200&pt=16&bin=1&deb=1-9-9-19-14-17-166-12-0-0-0&tvt=1776&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4F3D 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp45TY1VIepQvhnm8IQweUD9lAPZ4P7I9uzmUIpPHg8LmoEpyS523_6neN6COoEbdtfWd-VxZizQ9QwgZrDE7tCXD17RdpXdhH4GtTz50&sig=Cg0ArKJSzPlzd-fNnP7yEAE&adk=1417548548&tt=1768&bs=1585%2C1200&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&p=513,1042.5,763,1342.5&mcvt=1065&rs=3&ht=0&tfs=717&tls=1782&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=12&niot_cbk=128&md=2&rst=1568342626463&rpt=693&isd=0&msd=0&lm=2&oseid=3&xdi=0&ps=1585%2C7612&ss=1600%2C1200&pt=16&bin=1&deb=1-9-9-19-14-17-166-12-0-0-0&tvt=1776&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8EAE 0
56 B 229ms
228ms Other
image/gif 2a00:1450:4018:802::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k0hipggl&c=2082250231917342&e=21062751%2C21064451&ctx=1&met.4=fb.3~lb.8l~ol.10c~idt.-3i~dt.-j5&met.3=197.8k~123.8j_1~118.b0~118.bp~118.ep~118.i9~118.k5~118.mb~118.mj~118.mu~118.pu~118.re~118.vx~112.x7~118.zi~298.zr~298.zr~155.zk_9~118.zw~132.zw~130.10c~117.10c~154.10d~118.10x~132.10y~132.10y~118.110~132.111~132.111~118.112~132.112~113.113_2~132.115~118.11d~132.11d~132.11e~118.11f~132.11f&met.9=1.f5~2.oc~3_1.p3~7_1.1~7_2.1~4_1.u1~5_1.u4~5_2.ua~6_1.yz~6_2.10c&met.1=1.k0hipfje~14.0~15.0~16.0~17.0~18.0~19.0~20.10c~21.10d
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4018:802::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 02:43:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/variation/var-857eda2d-b646-44d8-84dc-dccd0deb6caa/ 7 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/variation/var-857eda2d-b646-44d8-84dc-dccd0deb6caa/settings.js?cb=637039077227986622
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b020d0f0358a3193ab89db53cbc63d40592c05131448c243ee2ae9e685dfc6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:49 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: oppv4GoHrId7aFdeSRfMFQ==
age: 31322
cf-polished: origSize=6938
status: 200
last-modified: Thu, 12 Sep 2019 17:55:15 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: fea30373-d01e-00c1-0f94-69de78000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5156c69afaeecbac-VIE
expires: Sat, 12 Sep 2020 02:43:49 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/ Frame A279 200 KB
27 KB 18ms
18ms Script
application/javascript 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637039077227986622
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f3de772fc88b09b9f866de6d38f50d8716aecc446bb10456585f61834ae2c8

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:49 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: DPY02gsPpNVzBSyytYwMZw==
age: 31574
cf-polished: origSize=326600
status: 200
last-modified: Thu, 12 Sep 2019 17:55:22 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 34abaf0f-d01e-000d-2793-69bacd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5156c69b0af4cbac-VIE
expires: Sat, 12 Sep 2020 02:43:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A279 783 B
442 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/lightbox_builder.js?cb=637039077227986622

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Sep 2019 02:43:49 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 13 Sep 2019 02:43:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Fri, 13 Sep 2019 02:43:49 GMT

GET
H2 200 fancybox_sprite.png
cdn.jsdelivr.net/fancybox/2.1.5/ 1 KB
2 KB 46ms
17ms Image
image/png 2606:4700::6810:5514
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/fancybox/2.1.5/fancybox_sprite.png

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7475255
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1362
x-served-by: cache-ams21050-AMS, cache-hhn1542-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"552-F98Z+XYo53vgnDUr8nQl+uokglE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 5156c69bdcaacba4-VIE

GET
H2 200 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/ Frame A279 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/a1583f50-579b-41d0-8c4e-1cd1790d945c/user.js?cb=637039077235229344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Raleway
Origin: https://www.zdnet.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 18:08:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 808514
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13428
x-xss-protection: 0
expires: Wed, 02 Sep 2020 18:08:35 GMT

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ Frame 7197 793 B
1 KB 30ms
29ms Script
application/javascript 34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50070&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&pv=1568342626843_4pvh2g3ic&bl=en-us&cb=252132&return=&ht=&d=&dc=&si=1568342626843_4pvh2g3ic&cid=&s=1600x1200&rp=
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1382019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df5a97011191eea2a576b73750353fbe1ef586171fa7b256c3ce7234d0d691d3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 486
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 7197 20 B
698 B 173ms
172ms Script
application/javascript 34.233.109.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1382019
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1382019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.109.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-233-109-111.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 138
Expires: Sat, 14 Sep 2019 02:43:49 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7197
Redirect Chain

https://tags.bluekai.com/site/20486?limit=0&id=5978151496927227932&redir=https://ml314.com/csync.ashx%3Ffp=$_BK_UUID%26person_id=5978151496927227932%26eid=50056
https://ml314.com/csync.ashx?fp=shH4%2Fy9999OMD7%2B5&person_id=5978151496927227932&eid=50056

43 B
312 B

29ms
29ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=shH4%2Fy9999OMD7%2B5&person_id=5978151496927227932&eid=50056
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:50 GMT

Redirect headers

Location: https://ml314.com/csync.ashx?fp=shH4%2Fy9999OMD7%2B5&person_id=5978151496927227932&eid=50056
Date: Fri, 13 Sep 2019 02:43:50 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 3d45
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7197
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=5978151496927227932
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTNTk3ODE1MTQ5NjkyNzIyNzkzMhAAGg0I5YTs6wUSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=&person_id=5978151496927227932&eid=50082

43 B
312 B

29ms
28ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=&person_id=5978151496927227932&eid=50082
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:50 GMT

Redirect headers

date: Fri, 13 Sep 2019 02:43:50 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=&person_id=5978151496927227932&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7197
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496927227932%26eid=50220
https://pixel.mathtag.com/sync/img?redir=https://ml314.com/csync.ashx%3Ffp=[MM_UUID]%26person_id=5978151496927227932%26eid=50220&mm_bnc&mm_bct&UUID=58ac5d7a-f9c1-4d00-9671-5a916a29a550
https://ml314.com/csync.ashx?fp=58ac5d7a-f9c1-4d00-9671-5a916a29a550&person_id=5978151496927227932&eid=50220

43 B
312 B

29ms
29ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=58ac5d7a-f9c1-4d00-9671-5a916a29a550&person_id=5978151496927227932&eid=50220
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:49 GMT

Redirect headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: MT3 1710 796a9e3 master cdg-pixel-x12
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ml314.com/csync.ashx?fp=58ac5d7a-f9c1-4d00-9671-5a916a29a550&person_id=5978151496927227932&eid=50220
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 13 Sep 2019 02:43:48 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/ Frame 7197
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496927227932
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D5978151496927227932
https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496927227932

43 B
312 B

29ms
28ms

Image
image/gif

34.247.144.106
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496927227932
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.144.106 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-247-144-106.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Fri, 13 Sep 2019 22:43:49 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:49 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://ml314.com/csync.ashx?fp=58b9d6588b3c171ce28e3ba62fd75c42&eid=50146&person_id=5978151496927227932
Cache-Control: no-cache
X-Server: 10.45.0.167
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7197
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
https://ml314.com/utsync.ashx?eid=50052&et=0&fp=24o83Qynrw-4q4BdY0t_YBkpFbHRpAm7O6wAFNZD08dw&gdpr=1&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil
https://ml314.com/csync.ashx?fp=24o83Qynrw-4q4BdY0t_YBkpFbHRpAm7O6wAFNZD08dw&person_id=5978151496927227932&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil

70 B
171 B

9ms
8ms

Image
image/gif

54.93.117.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.93.117.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-117-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Content-Length: 70
Content-Type: image/gif

Redirect headers

Date: Fri, 13 Sep 2019 02:43:49 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ps.eyeota.net/match?bid=r8hrb20&uid=nil
Cache-Control: private
Connection: keep-alive
Content-Length: 168
Expires: Fri, 13 Sep 2019 22:43:49 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
224 B 16ms
16ms Image
image/gif 2606:4700::6810:51a5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1568342630217&h=www.zdnet.com&e=i&u=40913&b=193700&v=2545&s=2837
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 13 Sep 2019 02:43:50 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 589357
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5156c69eefaecbac-VIE
cf-bgj: imgq:85

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 7ms
7ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=10&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&qs=1&ak=-&i=CBSDFPCW2&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBnjB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BYBny6BsNBmB0ziw7pCr6yC6rO24xXmYyBdfEC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnaBW35CeFaBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyRBBBCpjOBBBBBBBBBTLF6GfC6Jn7O0EYkCBB0IofRfBBPCxB7UBbjtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=c%3FgD3W%3CA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years%2F&id=1&cm=17&f=0&j=&t=1568342627242&de=487627959232&cu=1568342627242&m=5351&ar=ab397f9-clean&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7612&le=1&lf=0&lg=1&lh=129&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5142&cd=7&ah=5142&am=7&rf=0&re=1&wb=1&cl=0&at=0&d=25299489%3A251370729%3A253246569%3A138271463540&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64&zMoatSN=a&zMoatCURL=zdnet.com%2Farticle%2Fnew-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years&zMoatDev=Desktop&zMoatSlotId=leader-plus-bottom&zMoatMMV_MAX=na&zMoatDfpSlotId=leader-plus-bottom-5d7af3cee0bcb&hv=Domsearch%20Early&ab=3&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=170499&na=1824418218&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Sep 2019 02:43:52 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 13 Sep 2019 02:43:52 GMT

GET
H2 200 / Show response
www.zdnet.com/homepage/xhr/ 258 KB
28 KB 154ms
154ms XHR
application/json 2.18.233.143
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/homepage/xhr/

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.143 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-233-143.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8b2765d2ae670e95d7e680ac7c36c2b6af3c4663e35fc1173d02de6719203efb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding, User-Agent
content-length: 27179
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 Sep 2019 01:22:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
date: Fri, 13 Sep 2019 02:43:55 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-tx-id: ba68b11e-e662-465b-8c17-3ecffc652e7c
content-type: application/json
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Fri, 13 Sep 2019 02:52:27 GMT

GET
H2 200 ring.gif
zdnet3.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ 16 KB
9 KB 6ms
5ms Image
image/gif 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ring.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58398
status: 200
vary: Accept-Encoding
content-length: 9039
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:19:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1bb6-3f75"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:35 GMT

GET
H2 200 ZDLogoMicroRed-x2.png
zdnet3.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ 2 KB
2 KB 6ms
6ms Image
image/png 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ZDLogoMicroRed-x2.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58398
status: 200
vary: Accept-Encoding
content-length: 1513
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:19:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1bb6-6fa"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:35 GMT

GET
H2 200 ZDLogoMicroWhite-x2.png
zdnet4.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ 2 KB
2 KB 6ms
5ms Image
image/png 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/fly/1568283574-fly/bundles/zdnetcss/images/logos/ZDLogoMicroWhite-x2.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/1802-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://zdnet1.cbsistatic.com/fly/1802-fly/css/core/main-a8666d73c7-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58400
status: 200
vary: Accept-Encoding
content-length: 1398
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Sep 2019 10:19:34 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d7a1bb6-691"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Sep 2019 10:30:26 GMT

GET
H2 200 river-time-ago-f2210a157b-rev.js Show response
zdnet4.cbsistatic.com/fly/js/components/ 753 B
584 B 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/components/river-time-ago-f2210a157b-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508289
status: 200
vary: Accept-Encoding
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d6fc8c9-2f1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2019 05:32:24 GMT

GET
H2 200 tr-premium-promo-49ebdaab89-rev.js Show response
zdnet2.cbsistatic.com/fly/js/components/ 461 B
417 B 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/components/tr-premium-promo-49ebdaab89-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505951
status: 200
vary: Accept-Encoding
content-length: 287
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:06 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5d6fc8ca-1cd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2019 06:11:24 GMT

GET
H2 200 load-more-34f6119ea4-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
5ms Script
application/javascript 2a04:4e42:1b::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/load-more-34f6119ea4-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

f1f493f2418d851d9c9d5a6522417b0faa8e54fc93255abe5939b309a6e1465e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527151
status: 200
vary: Accept-Encoding
content-length: 1803
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2019 14:23:05 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d6fc8c9-12a2"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2019 00:18:04 GMT

GET /
www.zdnet.com/newsletter/xhr/widget-login/ 0
0

POST /
www.zdnet.com/m3d0s1/xhr/horizontal/ 0
0

GET /
www.zdnet.com/components/tr-promo-asset/xhr/ 0
0

GET
H2 200 load-more-1.0.js Show response
zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/ 8 KB
3 KB 6ms
5ms Script
application/javascript 2a04:4e42:3::444
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/bundles/flyjs/js/components/load-more-1.0.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/1802-fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

ContentServer /

Resource Hash

da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 02:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203798
status: 200
vary: Accept-Encoding
content-length: 2472
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Sep 2019 14:06:11 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"5d77add3-1f51"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Sep 2019 18:07:17 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=1

Domain: www.zdnet.com
URL: https://www.zdnet.com/newsletter/xhr/widget-login/?topic=

Domain: www.zdnet.com
URL: https://www.zdnet.com/m3d0s1/xhr/horizontal/

Domain: www.zdnet.com
URL: https://www.zdnet.com/components/tr-promo-asset/xhr/?topic=0

Verdicts & Comments Add Verdict or Comment

306 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 07:58:14	Name: demdex Value: 91968686126970491593988974272362630121
.lightboxcdn.com/	1970-01-22 19:15:02	Name: a1583f50-579b-41d0-8c4e-1cd1790d945c Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAKwBsAHAMwAsATCTUUQOwAMANCBgG6wB22hDrnypi5anQbN2nLrj4DRHREgA2aECA6q1GgPQBDRNgCWsVQFM9vCwHcAtLhMBbAFYHYAawuJ7B7NgenvYW0BiqAPYm2BYAJvYmvPbYABYW9rYmqvHYEcmIQfbwuD649gBmEb7-9pYGuNjJtnkAnhZGuHpaIKp4hKSUtPSMrBwYuqgA2iCGxmaW1naOLu5ePn4BhaHhUTHxiclpGVk5edgFXkUliGWV1Y11DU2t7TddALoAvhwQMBiIFi4aFAsQMLREkzEg0kjDIVC-Pyg0EBFn4ImA33ASNgJliGgoBAMZHKBAAnCQ.JBqPYqCQqBR7KSmExyvZYpACDQKBymGQ6Ex7FCJPQqKSKCwQJ8gA___
.lightboxcdn.com/	1970-01-22 19:15:02	Name: __bxtest Value: IYIwxgHgngXkA___
.lightboxcdn.com/	1970-01-19 12:24:38	Name: __cfduid Value: d53d0d0d6bbd501ab5f5e9f9c6f8f52c71568342624
.zdnet.com/	1970-01-19 03:49:07	Name: RT Value: "sl=1&ss=1568342623677&tt=1978&obo=0&bcn=%2F%2F5f651e70.akstat.io%2F&sh=1568342625663%3D1%3A0%3A1978&dm=zdnet.com&si=0c57d2ba-35be-4324-a38e-3da053e676c0&ld=1568342625663"
.zdnet.com/	1970-01-19 12:24:38	Name: utag_main Value: v_id:016d288148c700092c09fcded23000079006f07100b08$_sn:1$_ss:0$_st:1568344425639$ses_id:1568342624456%3Bexp-session$_pn:1%3Bexp-session$linktag:undefined%3Bexp-session
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
www.zdnet.com/	1970-01-19 13:07:50	Name: _cb Value: qRA7CCC6qy5DOEyQ
.zdnet.com/	1970-01-19 21:11:41	Name: AMCV_10D31225525FF5790A490D4D%40AdobeOrg Value: -894706358%7CMCMID%7C92206603316675576953966584980069617297%7CMCAAMLH-1568947425%7C6%7CMCAAMB-1568947425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1568349825s%7CNONE%7CvVersion%7C2.3.0
.demdex.net/	1970-01-19 07:58:14	Name: dextp Value: 269-1-1568342625307\|477-1-1568342625409\|771-1-1568342625510\|22052-1-1568342625611
.zdnet.com/	1969-12-31 23:59:59	Name: AMCVS_10D31225525FF5790A490D4D%40AdobeOrg Value: 1
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 6f1dc1fd-540d-4c14-ab0d-35f1ce7ffd64
.zdnet.com/	1970-01-19 03:39:04	Name: s_invisit Value: true
.zdnet.com/	1970-01-19 03:39:04	Name: s_lv_zdnet_s Value: First%20Visit
.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years	1970-01-19 07:58:14	Name: CBS_INTERNAL Value: 0
www.zdnet.com/	1970-01-19 03:39:04	Name: _cb_svref Value: null
www.zdnet.com/	1970-01-22 19:15:02	Name: LDCLGFbrowser Value: d9af0c65-a4f3-49da-826e-cf1fe305cb8c
.zdnet.com/	1970-01-19 04:22:14	Name: s_vnum Value: 1570934625081%26vn%3D1
.zdnet.com/	1970-01-19 03:39:07	Name: first_page_today Value: false
www.zdnet.com/	1970-01-19 13:07:50	Name: _chartbeat2 Value: .1568342624778.1568342624778.1.CKQHEkCE8-ImDLRttw89BpEB4UnN8.1
www.zdnet.com/	1970-01-19 13:07:50	Name: _cb_ls Value: 1
.zdnet.com/	1970-01-19 03:49:07	Name: fly_device Value: desktop
.zdnet.com/	1970-01-20 05:55:50	Name: s_lv_zdnet Value: 1568342625085
www.zdnet.com/	1970-01-22 19:15:02	Name: _ccmsi Value: 1568342624697_iu4dp128d\|1568342624697
.zdnet.com/	1970-01-19 04:22:14	Name: s_getNewRepeat Value: 1568342625084-New
.zdnet.com/	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22uk%22%2C%22session%22%3A%22a%22%2C%22subSession%22%3A%226%22%7D
www.zdnet.com/	1970-01-22 19:15:02	Name: XCLGFbrowser Value: Wx8YkV17AmBjGIEhQk4
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
www.zdnet.com/	1970-01-22 19:15:02	Name: _ccmaid Value: 5978151496924874953
.zdnet.com/	1970-01-19 03:49:07	Name: fly_geo Value: {"countryCode": "de"}

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service pending (GDPR consent not granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service pending (GDPR consent not granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service pending (GDPR consent not granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service pending (GDPR consent not granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 757) Message: ADS: queuing nav-ad-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1227) Message: ADS: queuing intromercial-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1295) Message: ADS: queuing leader-plus-top-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1408) Message: ADS: queuing inpage-video-top-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1418) Message: ADS: queuing sharethrough-top-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1698) Message: ADS: queuing mpu-plus-top-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1802) Message: ADS: queuing dynamic-showcase-top-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 1809) Message: ADS: queuing mpu-middle-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 2091) Message: ADS: queuing mpu-bottom-5d7af3cee0bcb for display
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 2109) Message: ADS: queuing leader-plus-bottom-5d7af3cee0bcb for display
console-api	log	URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js(Line 522) Message: dom not ready, setting event
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service pending (GDPR consent not granted): script_sharethrough
console-api	log	URL: https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/libs/evidon/evidon-sitenotice-tag.js(Line 524) Message: dom ready, triggering load
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: GDPR consent granted
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent finally granted): script_indexexchange
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent finally granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent finally granted): script_sourcepoint
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent finally granted): script_gpt
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent finally granted): script_sharethrough
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 9) Message: Missing adCookieData!
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_mpulse
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): _injectQueryStringGCP
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_chartbeat
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_ad
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.1787.js?utv=ut4.43.201909041804(Line 177) Message: Service: sitecatalyst
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_sharebar
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_sharebar
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_taboola
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_async_load
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_urban_airship
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_disqus_count
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_disqus_count
console-api	log	URL: https://tags.tiqcdn.com/utag/cbsi/zdnetglobalsite/prod/utag.js(Line 92) Message: zdnet
console-api	log	(Line 61) Message: blank creative loaded: 138245072116 (5 x 5, pos=nav)
console-api	log	(Line 61) Message: blank creative loaded: 138239344181 (11 x 11, pos=top)
console-api	log	(Line 61) Message: blank creative loaded: 138239368367 (641 x 321, pos=top)
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	log	(Line 61) Message: blank creative loaded: 138239468731 (372 x 142, pos=)
console-api	log	(Line 61) Message: blank creative loaded: 138239479696 (372 x 142, pos=)
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_taboola
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_async_load
console-api	log	URL: https://www.zdnet.com/article/new-simjacker-attack-exploited-in-the-wild-to-track-users-for-at-least-two-years/(Line 92) Message: Service loading (GDPR consent already granted): script_medusa_recommendation

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f651e70.akstat.io
684dd307.akstat.io
ad.doubleclick.net
ad.yieldmanager.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
api.viglink.com
api1.lightboxcdn.com
as-sec.casalemedia.com
beacon-eu2.rubiconproject.com
beacon.tru.am
c.evidon.com
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cbsi.demdex.net
cdn-magiclinks.trackonomics.net
cdn.jsdelivr.net
cdn.taboola.com
cdn.viglink.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dpm.demdex.net
dw.cbsi.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.moatads.com
googleads.g.doubleclick.net
idsync.rlcdn.com
iicbsi-a.akamaihd.net
images.taboola.com
in.ml314.com
js-sec.indexww.com
l.betrad.com
lightboxapi2.azurewebsites.net
match.adsrvr.org
ml314.com
native.sharethrough.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.everesttech.net
pixel.mathtag.com
ps.eyeota.net
px.moatads.com
rev.cbsi.com
saa.cbsi.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.chartbeat.com
sync.crwdcntrl.net
tags.bluekai.com
tags.tiqcdn.com
tpc.googlesyndication.com
trc.taboola.com
tru.am
urs.zdnet.com
vidtech.cbsinteractive.com
web-sdk.urbanairship.com
widget.perfectmarket.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.lightboxcdn.com
www.summerhamster.com
www.zdnet.com
z.moatads.com
zdnet-1.disqus.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
zn_3xebfjduss0srw5-cbs.siteintercept.qualtrics.com
tpc.googlesyndication.com
www.zdnet.com
104.111.214.229
104.111.230.142
104.111.241.32
104.17.208.240
13.35.253.127
151.101.113.181
151.101.114.133
151.101.114.2
151.101.12.134
152.199.23.241
172.217.21.194
172.217.23.162
184.30.221.201
184.31.90.90
2.18.233.143
2.18.233.201
2.18.234.21
2.18.235.40
2.19.43.224
2001:4998:58:4904::7000
216.58.206.2
216.58.210.6
23.99.128.52
2600:9000:2057:ba00:1d:8c8c:47c0:93a1
2600:9000:2057:e000:18:1fcd:349:ca21
2606:4700:20::6819:a222
2606:4700:20::6819:a322
2606:4700::6810:51a5
2606:4700::6810:5514
2606:4700::6810:a00d
2a00:1450:4001:809::200a
2a00:1450:4001:815::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:4018:802::2003
2a01:4a0:1338:28::c38a:ff12
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::444
2a04:4e42:3::444
3.212.241.161
3.226.5.56
3.248.146.79
34.200.61.129
34.233.109.111
34.247.144.106
34.254.217.168
35.157.160.140
35.176.50.209
35.190.38.167
35.190.72.21
35.227.208.151
37.252.173.27
46.51.201.190
52.208.212.211
52.49.176.73
54.77.236.71
54.93.117.16
64.30.230.22
66.117.28.68
66.117.28.86
69.173.144.143
69.173.144.153
010d0f22539421bb342a069ef90d92e78be007c7e35c98fb8d631d831b96881b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
064e4b070732b6d0c8663256d4711972ce0d8132a2ec086b241f0749a9842230
07178558c596bc2fe33d99750a349d5413fa4571fc778cefbe4f4f367404f6d6
077dfe27379ee21a165147f5ec9be6ee8505bcdce68c0620ac038d0732268b77
079c6baf748d3b543bd11d58558f93c92619dfc023b34b66a1c3648a4f01feee
0ab2fa9fb2d0de3bb97b0b5a23c0bfc001d31593fe74c242571c9ba5c2b376ae
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c042726aad611dc0974008c4b702ec1ab74bd9a1e9943c1258fef9956f7b1e6
0c12cb658ae34dbdf2e5e849a56b76b6c7713689e2604cc310e426610f58cec9
0e13cd6845611f0c419398a75b85ba014a7fffb1b9e9575c2e1b4cfefebd0017
0f4176807e149be9c6cc0e583699fffe630cccb37e57242ce5a7b1f7d63d859d
0f91e664ba993207337dbd5b1ab9f156c5f579d99d9b2e1315706815deadd0ae
10113bad06fefd5698a45480ffaedd421c6e06f9dbd0d1c772b7128bbea0842d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11786d0c519ee1ff5ca0ba0d699539e29b05c7273834da0954b3609025ad8303
1186c32d6e1164efd9ca97ef49c4e2bd0eff1c61d650bac38c3bc7d01d2b8c72
149a54b1fc172a28f228290f63997d855af2a8ef05c418645c7ed29b54a91a5b
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
168858aa1c16b7c155653298551345485acf7545fcf5c4927b57f225fc40283e
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
1a397f2c64334b78a494a2c41b1c8713738b8dfd9db55cb2bddb097207598659
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1c3d0669318ff3ec26e076a333d498305880abb1d3979cce3dc6d76dd7b0b91e
1d1eab2e9d5b36e1297db68599d3e9c3df71869a0863fb261972b93e919d7af1
1d4d518e1da495fb6d6d8b3d86bba79d7597b61b466e71c45cdb09ed79659c53
1dbc90839e483d8473fe18c16e84f8e914ba4aabb9593731dc8627bdf71c3206
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1f948056b50b22854611638a2a293c1f4eb05e9b72c29b2e3f41eefabd789788
20d0cfa10aa539f7d83866f4cf482710381e1ddf7f61f5fcd0f40b20803dd005
24e337424cb73e0a532bd8013638aa73079dd95446ec1f7406644b917f977ece
277c3b1aa9849ea281525d0d823264cf6f245eebc87636cd03b587214f79f6cb
27a1b8a51741d0473ab2eab70188657fd20d755ba84e0b3e6a51e6f94d7e3a4b
2b4961c0dc85fd990d071d7cbd27dcdee4f0912a14bc9a2af5df2f06eb56d95d
2b53e383b81263b9e529c236116454190c04d520031d5f4abaf5e4df40805cd5
2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
2d2a11b295b37fae106b4c6e8cacec5e02d1d5f7e3531f534e61559620c8eb6f
2d3e9015bb665cc4e62a0aada26a74311bf87ba40e12b896724f447a98e68a89
309e20d540054848c2bee4268a2ec8e37656da9e7d5f8084c6f66f4fd711aed6
3147026ff99804131affcb3cadbdfd49c0a07583682aefcc1198f57e2614d5b0
3240c7e00ccd21fbdd141f58cb238c68bb59180a35dfb79df8bbe57e0d13b0fc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35f3de772fc88b09b9f866de6d38f50d8716aecc446bb10456585f61834ae2c8
3624e97a6a4f6fb481369929e579039d00be03b0a2e5d1f5f961c44dfd98940c
3814ce906a839379e349f083d1b330fb3893227199626e0a6bb4a417239aec6a
390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb
39f0e13a96fd029965b5b5fd3504853b6fe6ded07b4dd8862a0e033be626e655
3d14abd3048f0e77ff64ace93cbfe3ef48584bd0570bf7303b3bbf5ea0ffab6f
3dbdd179f27738c4c342d0c5ac068becbaa67f3ec94e6d5d72603d9d47b12091
3ff065de0d90b0510727a72c173d05652c30967c5e6561dbf1d82fa077cabb22
4021f17f04d1808610fd53096d9a57e97d86a7d8c94cd86b970640c4f99a70c6
437a944207b3710f33a5ccd0afc47993219e69b7b5309a928049511e04b49cd8
45b020d0f0358a3193ab89db53cbc63d40592c05131448c243ee2ae9e685dfc6
4762eb86da06aa94957be34b5d2a4cd69d11a485cb0bcc938e6adc71a256cafe
49a69ce951361847c8b120003eb204a50416416359e1533cd42f9d3d80b8741f
4b4e495cb409a6985aa01c06edbfbe3ac3dc394d4968b261bdc89805c5dadaf4
4bb0f33f40b38593e1cba1c8b2f15703d33753bbd80f30511dd9c464a959afe7
4d565f67641c732365c3180ec1e37c7a987825faad3e8632de8a07a9101feedd
4e648b2b9970940763e056a37a317bf3ee2c136528ebbc25f8b62dacc15f41c9
4f72e8df44e82a8066b16ca8ab2d59f8f9ef21fa52c07d8554972f48b5105f13
516f266d5e4d60288112d71933eb858097eefa7b15ead2a339d2d6140805449b
52b9e38359d28b25df0896fd56c1fe0e2dfa20e178baab3822213b49a5cdec97
57e1e8e64fe95a0acc0822d690633b9450b26919fcedc32958ebcf7d39393181
59a8417809bc205c37696ecd2f9b9c9ef704f24f4537e40c9d9cf8238774e448
5a23d866a0a92019445c029e63c85fb38129d46906a233ac3717b7b4723c48a9
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ecc6a93ec2939faa8dbf80084346c7d940f5a2181ee69343810da52902eb92d
6290cd1791503d91f6fdafcd3e81025b21034d8e081720074006f2c1ccd059c4
64637990e162d4fd57542e2fb62be42c07b1816ea57f855479f792d8b455b1f5
6609393ea122a21291adb391b0e2569df37c08df6e9dc4a0a23718ddfa0c6426
661582515dd231f99fdd37d11c1237a8e001ab99b898dc1430ac2f73f718098c
66ef1b7581d8ef7b82bfe2ca363a612a479d89b808e2241f68d3e8c75f4f06d4
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6daddeffc56c0e5fbcf31b35ec7a48626941ef47711020f7a48155dcc747f22e
6de73873dd441f953668e77030299f082e0f3e6335bf944d88d44978162e6609
6ec18584135e8bbd5e0ca6d92569f347ba4046aefc14bba7856d6d3d4f8edd64
7153746b76e7d26f36afe41d0791f23ce52e0a260a7c91923b9d9df18b3262d9
733dd6689e690b8ce89ef66b8e08a69867d54179f34f79ed5c69d1b88b2f2622
735dd6528ef8dd97886865a6ff4a0387d6cebab544c6288c8ba2169b1858c392
763fa0bd7eff816d0a5f8c3e4075f9173a5cebf51a1e2c0d1174f841de10b9dd
7798765928be995a2248ee8a346670e6da510bee8cdad6e357dd3b5fc6677f5c
77bf6cf55ca271a4182754c87d95727d80838cc8cbf3fd0b4bcb8e7345fc1b4c
77cbfc1b6dd1f22f70c6448c0755c40d9203ecf80c617895a9935565981d9b9c
78ca9ca8d323bac1940622f147a59695e8f1936e26b69fe72c162525b4e414bf
791b7ff5657f9c41e24adaa1f6f5a4dc51046d292b25b01a5a8d152ff4a951ac
794fe0486515f44881ce168acf0fb4ba478b6971fe3448ae96176f50075fadca
7a35f745522fc2539f261b99908665ea8f66e7d709e0ba46e5afdc7984b61cb8
7cdf807d33246f24e85dfe3465ba722856eb39499fa38ac79e4c87b787071d46
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7eae865fd7c820936603897a072b7ddd77b2c74e8022160fd19792291a63fac8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85627f2dfac9c36fad3f8a259bf6ae0e666c73680ceaa1038e77dbe32d7aa842
873d3cce55ed4e7b80754144eacce20aa2c789ef95187b32aedfc0efa8de7d48
885fb8b9c3d2738bd627def3899f26d4d42641bbb868cc99d1fbc16f0ed9f4c6
8998e68f9bb1686ca1e03fcf3f0d6ea669c32d1f3554aeea809f1b1824ff6625
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aad7f3a1006ed9a5f1d31bf2eb96de209f5ccecb129a519cf65d7f580b018b1
8af0a57740a2f260ec70c48eecdec9c13a10efdad98179ba7fb815d071e156aa
8b2765d2ae670e95d7e680ac7c36c2b6af3c4663e35fc1173d02de6719203efb
8bbab7355d5aa551c9f5152fac15aa857d1e352242440ce6911a4e8eef321500
8c774fc6dc04700209e0a86246303eae26279cb59d9e85235d34450db1382aa1
8f506e11f99030a455e7b3ecf1a137412f032d337a0a899feddf0ede8639dc02
917cf9c26937a1463b36e8f38119a6448c29b5f04c4044e10e6900136a77ec89
91f05f0556fabe27de8aa0b613b44b8d4b9a691fe7713b7eecafe34bd03848df
9337d4f2ef8a00759da573e178e302712fec944ac54cfd808f48c526b9816d3b
95ec4dea002be118a633dc5070c23358d10e179ad3de44f23ac97578c6971df7
97e6789565e852c207f8f03970146971a063cb8d41313be4fcdb5bfd12d762ee
992eabf96f21d124f7a7bd985cd5144f9b19c445c4382148648d3b9b86f547fc
99fd27cd410417b5633d3fc37196751afc4b3f9ffa5853dedb73cfcb3e810d7c
9b404c617f947b58e4c257e9d622512567b05283f1ce4894b11273982c534f71
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c9976c3979def37b27a2bad7ae40a18493dd4ebcc8025b3561f9684e049c283
9db8bd3e641dc88d54edf476a148e75e29b4e8ccd040cb340404d557578dcfbd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dc62195a78ed0cfecd916f04549f453c13a90f6d8d67dfc1ce2195ccb20e33
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3affe1d9dee7d86c2ba779234d2dcb904f88c2180d2f3cb77aa598ebaea6b95
a5727f7f8eb4b910f6bf7aae7a2e71a97dad9b8af073d11686899047641a5350
a7a95f26e699ec6c560ebffb24aa05d95d1691c07a1222299d65c60f4af96761
a7bc2ad7ae7eed240bdba54adbc2fd6203ee5f6e2f98a13a6193dec1d45cc18a
ab5d41a2e1ab58cb21919cc930f8f4840f44196bff32c1c14962b9ba8f2015f1
ac5201cdd2f2cf19b3fe2e977b44687abf6be59d6352033d83945ebd357ebf97
ad7ed17bf4c8d9dd2511e7254670822d0f90c8fb89187f860cfbcb91821abc84
af7846155cf04065544b824a60dbc66f1adb852b1c120fce18ebab9b1b33c185
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b270b9cf7c73dfd11edd3beb2e12bfe3d7fc161499c5e3dbc8e61d29547804df
b2ab8784d5ca4bc5e4e1990ba55c6d9f041b8fe8cf41ad9afa37bc1c3dd12756
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b60d2b6fbd6ad485b5b6e09a49750db86101655632d2b0162c8a2bfcf5328860
b7a80bd63ac8a650149f398a9802cf9e6ab4b69570180d4be4139ee2c6593729
b89c96a0ef0b0d7c846fd4370f17a48fd0dd73383e00104d68eefad4b717526c
b8c15c61feffdfe68b168cf2ac8cf58867f38547da3b15d7971a75c44f16bc26
b9d6fddb0988440902fcfc72f371ecfa80ee2eb36073f9eebc17449ee41c886f
ba2fa15976662b87f31dccdd53d415b927f2118760fdafc4ac21dd2c1b234ff3
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c1528ade9fc17bdb868a4529c2c54731789ad1f5c4457a54695bad196c66737f
c1f4b48cf64b1d62f7ac56e47f4654cc28d949cdb83d9a0fa7be561c498b20d7
c20d204fda0257be992a31867075cd51dbb5428c57e7805ee2fe4a1f08daf500
c649aaa88ce29f86caa50dc08e1745c9783e049656ff2d5a93ef813b7f0c662a
caab9bbec165591d5214448b624dae44a3cbc575721ba71da2f7130bbbcbc6dc
cafcc9a51d760f8caf35209bffaa361d8be982ef5018292042d789b8433dd2b3
cc190ad5473e1b98d51458ba31301e56906c662735d69abadf68c1b1a02cabda
ccb75ab271796d1d6c7fd5cc0ab5045bf6610134558de5687e81e7bdaf11ef94
cd18ff5ab573c16846ea10b95f33c2b1e329fc0246f9e7f8ccfe90a7322c5e88
cd5e6512fdbb698425174148dba05f72357a3b1944413f8812c55c4025d3d562
ce138e490f32cd41276c6425da7421d8c917ed0b90430b1abea775134e30e89b
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d030b82de019e85ea0136865086e36f945fd601dac17c266ad8b55f46df42e28
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d44c1c3b519cd0b390eb41352d8f3e522e4ed7eac8bc5cf475638985a9c4af16
d4bf85df37940345c4a0795bcc6556e480751e36f503425c25b1993071e90c9c
d696da403b0169c2191d0ec0b0fcdaa85487b21b19fd58f4b1fb5b9edf40b153
d6f28c2ecc7e7b603cead026b3febaa53ef60ef1ee17095ccaa5bfd465565e5e
d6f3e8336a6fdec809ec2a383164b41cf26e92063d724ef6531c40d42a54f114
da4cf718493f202a897e5c45d8fab79f2c58f699cfcac05c1eae987e0739a83c
da52af54b0a90f89c3b6c3482a53119a588e68f99f3cb4d7af0e4460ff8e5016
dabf73474662398f4f686a1b3103542f53384dd6241e6ac13f8ba535c6372aff
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd787044f07fb551657e198707ea27bfddcf6cf53bd6e8bf5efd6322a5273cba
de1070c0a09e10deca1324e6acbf32906096aae9dfbed8bfdaef2970fcdbe25f
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dec2988627e11707df1136d964c33b9106da43631b14be03523ed837c7874bcd
df5a97011191eea2a576b73750353fbe1ef586171fa7b256c3ce7234d0d691d3
df73cffb2298c7b173d895534644b4d2d4e655aaf5d68091d7883074f88b091b
e0b8436d50fb200de76d7a25cf450ea238cd100197f8e9d462e9228153da873f
e1ac4419469703e327199779a0b1b5079a174a50da64377731ac6b1dee03391d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482ba089d973ca257acfd70b2d7541447d5d333449b106d5c3dffebe322566a
e4a8fcf5063d5f40b9c608a2d93ba2e852b9c3462b71c21ceb7a12f195d47b10
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59c8c655db8c097ed0067789aeb44ed58f25f8c68a5772bbb3f1fdc18e5e336
e9477ef3a34ac7652848339f8be0e4a768a5a6b74e262cad49ae19fcd5dca953
eb07b53d262575cef96004e2be725ac235db39262e9bb8466a2a9b85cf532aa8
ebedf2b7f0af84ca09415b0956752054e4f54b504774a9af896fc3a3e68fd491
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c8ad030a90f1ee3cdcd5910587eab25da7bb0ec6f942d979bba4d506b38380
f1c890ea7aa0d881683105690adb6f46341f5b5fce216462df68841a38aa5906
f1f493f2418d851d9c9d5a6522417b0faa8e54fc93255abe5939b309a6e1465e
f2d633bd5d83931f8bb0ad151a91040741c390bcd8345ee0fadb801d836c2157
f46d40bf061892a5c2b8eccde5afa89377d576c9bfb637644b9e700b680d141d
f5b52ad70c5d645388b52d2fadaf8a5311aee9a01436866ab9b3e2c5f02e1c22
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f92514f4e39c16da9037f964148a09a79419744b77d611860ffc81c86aeace0a
f96f203f5605c9f56e7f6f97caf6ea84f122872ec3c5ac1f9037a1b508c706ee
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473
fa33d1db535d783b0baf4e74bdc7ce9e54633f87a03669b2803e567088d64ccb
fb9bbf5342908355d0bdbca3363b05677a3f86a1f093a997cae7003fcbedba1c
fbb26cae740a8b9006ec97fef51427770ef98b2ec043928254af38a56d9ae11b
fcd743c4396657d1ced9aebf85631f63a0be4db70cc7dd078b4209f36949b062
fe2255e2e70ac6ef64e3873fb73ed5cd8a957ca7fc00355e041069a904b6f377
ff066c5f4a5b02fe75e2096dff69f95ae03c86e85e47a746543656cc0fd0ee3e
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097
ffaeeea8b8a09eda9e1eb2f2dc2c9ae055afb7fdbd4d88f57f324f8cad1d4ac5

www.zdnet.com Open in urlscan Pro 2.18.233.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

372 Requests

99 %HTTPS

33 %IPv6

55 Domains

83 Subdomains

60 IPs

6 Countries

5613 kBTransfer

16247 kBSize

30 Cookies

47 Outgoing links

Page URL History

Redirected requests

372 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2.18.233.143 Public Scan

Screenshot
Live screenshot

Full Image

372
Requests

99 %
HTTPS

33 %
IPv6

55
Domains

83
Subdomains

60
IPs

6
Countries

5613 kB
Transfer

16247 kB
Size

30
Cookies

372 HTTP transactions
10 data transactions