news.goshare.tk Open in urlscan Pro
104.27.147.160  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

• http://go.mobtrks.com/notice.php?p=1327005&interstitial=1 HTTP 302
• http://mobpushup.com/notice.php?p=1327005&interstitial=1

Request Chain 49

• http://tr4.tagsd.com/newServing/tracking_id.php?d=a.yesadsrv.com&r=http%3A%2F%2Fa.yesadsrv.com%2FnewServing%2Ftracking_id.php%3Fb%3D1%26&gtruid=1 HTTP 302
• http://a.yesadsrv.com/newServing/tracking_id.php?b=1&UID=15200067807894&TRSTR=1&RTID=

Request Chain 62

• http://connect.facebook.net/en_US/sdk.js?_=1520006778968 HTTP 307
• https://connect.facebook.net/en_US/sdk.js?_=1520006778968

Request Chain 78

• http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
• http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
• http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGJL5686L-_VwoUHyRTzGO4&google_cver=1

Request Chain 97

• http://dpm.demdex.net/ibs:dpid=96678&dpuuid=L6we9SCyH1OV HTTP 302
• http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=L6we9SCyH1OV

Request Chain 98

• http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV HTTP 302
• http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV&redirect=1

Request Chain 104

• http://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780709&_=1520006780710 HTTP 307
• https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780709&_=1520006780710

Request Chain 124

• http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID HTTP 302
• http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID HTTP 302
• http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=379713204515381955

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	500 Internal Server Error	Primary Request Cookie set / Show response news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/	37 KB 37 KB	5782ms 5776ms	Document text/html	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e1a8833dbf1a444cee10a2438483b8c437d0dc5c92dc6b422b48172f05171c0e Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host news.goshare.tk Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Server cloudflare X-Pingback http://news.goshare.tk/xmlrpc.php Content-Type text/html; charset=UTF-8 Set-Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773; expires=Sat, 02-Mar-19 16:06:13 GMT; path=/; domain=.goshare.tk; HttpOnly Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551bfc15be271a-FRA Link <http://news.goshare.tk/wp-json/>; rel="https://api.w.org/", <https://wp.me/p8LiWj-eah>; rel=shortlink X-UA-Compatible IE=edge
GET H/1.1	200 OK	shareaholic.js Show response apps.shareaholic.com/assets/pub/	5 KB 3 KB	16ms 9ms	Script application/javascript	52.85.184.163 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://apps.shareaholic.com/assets/pub/shareaholic.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 52.85.184.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-184-163.fra2.r.cloudfront.net Software nginx / Resource Hash 843f4b57b03d32e89bf3a8d8a2480a28bdbbc57454cc09fa206b444f08145809 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Thu, 01 Mar 2018 14:21:06 GMT Content-Encoding gzip Age 12 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 2293 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:33 GMT Server nginx Cache-Control max-age=900, public ETag "7734d7e315fa8c8a69436373270e9907" Content-Type application/javascript Via 1.1 c1b77f069e81fd54b56ee92a790a3e9b.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id EJ1i-9PyYzgmvyQEvLJTdtnWwZ0KJ9aIKn459zmYmMTBcqD_tbP0Hw==
GET H/1.1	200 OK	style.css news.goshare.tk/wp-content/plugins/easymega/	26 KB 4 KB	19ms 12ms	Stylesheet text/css	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/easymega/style.css?ver=4.9.2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 017eebd02f17ace35f8b6e47ea92be7a185a716799e8b5142226d3876e7bc8ff Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sun, 04 Feb 2018 07:41:31 GMT Server cloudflare Etag W/"806d-5645e12f3d7d0-gzip" Vary Accept-Encoding Content-Type text/css Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2043352660-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	featherlight.css news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/	1 KB 999 B	22ms 16ms	Stylesheet text/css	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/featherlight.css?ver=4.9.2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash be139362cc94b396f7aebea77dce5ec12b18b003340741258d76ad427bc9e200 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sat, 30 Sep 2017 20:20:36 GMT Server cloudflare Etag W/"cd3-55a6ddfc94d00-gzip" Vary Accept-Encoding Content-Type text/css Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2046432774-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET S	200	css fonts.googleapis.com/	23 KB 1 KB	18ms 16ms	Stylesheet text/css	172.217.18.170 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f10.1e100.net Software ESF / Resource Hash 111a824e5591ab04cc7026368670cbd2e593a093bea2ccbfefc2d20ef39e3ca7 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:18 GMT content-encoding gzip last-modified Fri, 02 Mar 2018 16:06:18 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" x-xss-protection 1; mode=block expires Fri, 02 Mar 2018 16:06:18 GMT
GET H/1.1	200 OK	font-awesome.min.css news.goshare.tk/wp-content/themes/glob/assets/css/	30 KB 7 KB	17ms 10ms	Stylesheet text/css	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/themes/glob/assets/css/font-awesome.min.css?ver=4.5 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b139f243c33a32098b98fe104d2070f65662d47c93cbdee9b80ac9ea4e060830 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 06 Nov 2017 19:54:01 GMT Server cloudflare ETag "791a-55d55d0e0c2d3-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c2047972726-FRA Content-Length 7055 Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	style.css news.goshare.tk/wp-content/themes/glob/	43 KB 9 KB	17ms 11ms	Stylesheet text/css	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/themes/glob/style.css?ver=0.1.3 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 58173560fdcadc0ae5b952e3eaf2e73406472017ce9054f45eae245987dadd46 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 06 Nov 2017 19:54:01 GMT Server cloudflare Etag W/"fc42-55d55d0e0e212-gzip" Vary Accept-Encoding Content-Type text/css Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2047c526a8-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	social-logos.min.css news.goshare.tk/wp-content/plugins/jetpack/_inc/social-logos/	26 KB 19 KB	20ms 13ms	Stylesheet text/css	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 168a34a1cda3e8935b8a5cde891cfd8255404249bc43adf0f9a3634a57b19034 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sun, 04 Feb 2018 07:41:29 GMT Server cloudflare ETag "6867-5645e12d4594e-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c20456c26c6-FRA Content-Length 19000 Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	jetpack.css news.goshare.tk/wp-content/plugins/jetpack/css/	64 KB 12 KB	29ms 10ms	Stylesheet text/css	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/jetpack/css/jetpack.css?ver=5.7.1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4681d7001fa36e4230062c247d65e24536cfcabd75099b2e735d3f0d1a8cb02b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sun, 04 Feb 2018 07:41:28 GMT Server cloudflare Etag W/"102a5-5645e12c8ef6d-gzip" Vary Accept-Encoding Content-Type text/css Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c20579c2726-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	jquery.js Show response news.goshare.tk/wp-includes/js/jquery/	95 KB 33 KB	32ms 14ms	Script application/javascript	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 17 Nov 2017 16:27:04 GMT Server cloudflare Etag W/"17ba0-55e30350c2ac1-gzip" Vary Accept-Encoding Content-Type application/javascript Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2057cb26a8-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	jquery-migrate.min.js Show response news.goshare.tk/wp-includes/js/jquery/	10 KB 4 KB	155ms 134ms	Script application/javascript	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 17 Nov 2017 16:27:04 GMT Server cloudflare ETag "2748-55e30350c3a61-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c2056492774-FRA Content-Length 4014 Expires Fri, 02 Mar 2018 20:06:19 GMT
GET H/1.1	200 OK	related-posts.min.js Show response news.goshare.tk/wp-content/plugins/jetpack/_inc/build/related-posts/	5 KB 2 KB	46ms 21ms	Script application/javascript	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/jetpack/_inc/build/related-posts/related-posts.min.js?ver=20150408 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dbaff56b0c1e18b645e106606b7391dbe2d7fa3d569bd5368898ba22ae81a66e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sun, 04 Feb 2018 07:41:29 GMT Server cloudflare ETag "1268-5645e12d5a16e-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c20657426c6-FRA Content-Length 1656 Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	featherlight.js Show response news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/	11 KB 4 KB	38ms 9ms	Script application/javascript	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/featherlight.js?ver=4.9.2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ec35981d0868b327171d9030ac52c68ef8bf08cdfecfe3ee8cb9bdede6ec45e2 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sat, 30 Sep 2017 20:20:36 GMT Server cloudflare Etag W/"5b05-55a6ddfc94d00-gzip" Vary Accept-Encoding Content-Type application/javascript Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c20679f2726-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	launch.js Show response news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/launch/	2 KB 1 KB	41ms 8ms	Script application/javascript	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/launch/launch.js?ver=4.9.2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 7d197c8452a53fbd7432b19ef9a42d980586b48d7b9e2cdbf832b6face1c4e3d Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sat, 30 Sep 2017 20:20:36 GMT Server cloudflare Etag W/"e5a-55a6ddfc94d00-gzip" Vary Accept-Encoding Content-Type application/javascript Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c20734f2660-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	classie.js Show response news.goshare.tk/wp-content/themes/glob/assets/js/	1 KB 929 B	55ms 16ms	Script application/javascript	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/themes/glob/assets/js/classie.js?ver=1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0c503e989e37ffb1440d2412858b43c23c2849d7d3fe2f3aab03f9e3739f8400 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 06 Nov 2017 19:54:01 GMT Server cloudflare Etag W/"890-55d55d0e0c2d3-gzip" Vary Accept-Encoding Content-Type application/javascript Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2077d226a8-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	counter.css news.goshare.tk/wp-content/plugins/count-per-day/	10 KB 3 KB	32ms 15ms	Stylesheet text/css	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/count-per-day/counter.css Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash cbed89e4d2854cfb40447cfef6a4643d3851b0a14f54497103bbe5491de1ac94 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:18 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 22 May 2017 10:36:02 GMT Server cloudflare Etag W/"2e80-5501a70006880-gzip" Vary Accept-Encoding Content-Type text/css Cf-Bgj minify Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2053442660-FRA Expires Fri, 02 Mar 2018 20:06:18 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response news.goshare.tk/wp-includes/js/	12 KB 5 KB	10ms 10ms	Script application/javascript	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-includes/js/wp-emoji-release.min.js?ver=4.9.2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash dba6b80aceb1267fd1ed564e08a983730d272813e9b3aff85dc365c65333dd66 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 17 Nov 2017 16:27:05 GMT Server cloudflare ETag "2e8b-55e30350d53a1-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c2136822774-FRA Content-Length 4323 Expires Fri, 02 Mar 2018 20:06:19 GMT
GET H/1.1	200 OK	e082f27f36e11730a61b863f4e030c39.json Show response s3.amazonaws.com/publisher_configurations.shareaholic/	12 KB 2 KB	243ms 139ms	XHR application/json	52.216.165.205 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://s3.amazonaws.com/publisher_configurations.shareaholic/e082f27f36e11730a61b863f4e030c39.json Requested by Host: apps.shareaholic.com URL: http://apps.shareaholic.com/assets/pub/shareaholic.js Protocol HTTP/1.1 Server 52.216.165.205 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 833b4489098256de47386ecc82aa026c527c914b0a790bc307ad03178fc36310 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method x-amz-request-id 63678DE0581A6D4C Content-Length 1852 x-amz-id-2 20XdqAnWQTgnZ5MYelXzAMCyZpH1wVzOPZKv0YukqQ96+96PY4z1rR+I4QY1zGyiPtdhE6BFPac= Last-Modified Wed, 13 Dec 2017 14:45:54 GMT Server AmazonS3 ETag "b2977afdb6c06ebda41f5345ce5cd348" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET, HEAD Content-Type application/json Access-Control-Allow-Origin * Access-Control-Expose-Headers ETag Cache-Control max-age=0, public, must-revalidate Accept-Ranges bytes
GET H/1.1	200 OK	notice.php Show response mobpushup.com/ Redirect Chain http://go.mobtrks.com/notice.php?p=1327005&interstitial=1 http://mobpushup.com/notice.php?p=1327005&interstitial=1	0 884 B	37ms 25ms	Script text/javascript	188.72.202.102 WEBZILLA
General Check archive.org Show headers Download Go to Full URL http://mobpushup.com/notice.php?p=1327005&interstitial=1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 188.72.202.102 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Server nginx Timing-Allow-Origin *, * Transfer-Encoding chunked P3P CP="CUR ADM OUR NOR STA NID" Cache-Control private, max-age=0, no-cache Connection keep-alive Content-Type text/javascript; charset=UTF-8 Expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers Location http://mobpushup.com/notice.php?p=1327005&interstitial=1 Date Fri, 02 Mar 2018 16:06:19 GMT Server nginx Connection keep-alive Timing-Allow-Origin * Content-Length 154 Content-Type text/html
GET H/1.1	200 OK	coinhive.min.js Show response coinhive.com/lib/	237 KB 64 KB	44ms 17ms	Script application/javascript	217.182.164.12 OVH
General Check archive.org Show headers Download Go to Full URL https://coinhive.com/lib/coinhive.min.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 217.182.164.12 , France, ASN16276 (OVH, FR), Reverse DNS w3.coinhive.com Software nginx / Resource Hash a0635ca8e31bc8afcc8bd86c05e285e64adcf17e52b1fd5dd493c8b3b5bb2156 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Last-Modified Mon, 26 Feb 2018 15:01:47 GMT Server nginx ETag W/"5a94215b-3b46c" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=28800 Connection keep-alive Expires Sat, 03 Mar 2018 00:06:19 GMT
GET H/1.1	200 OK	Cookie set jscripts.php Show response news.goshare.tk/wp-content/plugins/wp-spamshield/js/	771 B 1 KB	658ms 658ms	Script application/javascript	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/plugins/wp-spamshield/js/jscripts.php Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b4beefbe8847b463287c9024049d42f06f9b141adcf166745f79c92b48999ad3 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip X-Robots-Tag none Server cloudflare Surrogate-Control no-cache, must-revalidate, max-age=0 Vary *,Accept-Encoding Connection keep-alive Content-Type application/javascript; charset=UTF-8 Cache-Control private, no-store, no-cache, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, no-transform Set-Cookie PHPSESSID=lkne0clo8ao311ktceinvqaer4; path=/ 2b39a1748c9f74e81822ac16a2d28fe5=4e18b2e5ce69a1c8530e9735fb08c1e8; expires=Fri, 02-Mar-2018 20:06:19 GMT; Max-Age=14400; path=/; domain=news.goshare.tk; HttpOnly ckon1803=sject1803_3a1fab76799a5; expires=Fri, 02-Mar-2018 16:11:19 GMT; Max-Age=300; path=/; domain=news.goshare.tk; HttpOnly CF-RAY 3f551c21e6a82774-FRA Content-Length 510 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	splash.php Show response syndication.exdynsrv.com/	40 KB 13 KB	376ms 201ms	Script application/x-javascript	64.111.199.222 ISPrime
General Check archive.org Show headers Download Go to Full URL https://syndication.exdynsrv.com/splash.php?idzone=2642378 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 64.111.199.222 Weehawken, United States, ASN23393 (ISPRIME - ISPrime, Inc., US), Reverse DNS Software nginx / Resource Hash a96c846937e64eb5a0d20a98b86ea9c5dc0f9c177bb1ae73b0524b0e77098fae Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/x-javascript
GET H/1.1	200 OK	ads.js Show response ads.exdynsrv.com/	962 B 834 B	34ms 8ms	Script text/javascript	205.185.216.10 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://ads.exdynsrv.com/ads.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS map2.hwcdn.net Software / Resource Hash 9e147e267d642c2c0d6955cb1fd4fbf9699e498af7573523cc2b7822ae90e257 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Last-Modified Fri, 02 Mar 2018 13:28:00 GMT ETag 1519997280 X-HW 1520006779.dop005.fr8.t,1520006779.cds039.fr8.shn,1520006779.dop005.fr8.t,1520006779.cds003.fr8.c Content-Type text/javascript;charset=UTF-8 Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 443
GET H/1.1	200 OK	display.php Show response a.yesadsrv.com/	1 KB 1 KB	210ms 108ms	Script application/x-javascript	199.21.148.189 Yesup Ecommerce S...
General Check archive.org Show headers Download Go to Full URL http://a.yesadsrv.com/display.php?nid=4&zone=133138&type=banner&sid=82256&pid=11799&subid=&opt1=&opt2= Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 199.21.148.189 North York, Canada, ASN22923 (YESUP-389 - Yesup Ecommerce Solutions Inc., CA), Reverse DNS yesup.com Software Apache/2.4.23 (Fedora) / PHP/5.6.26 Resource Hash 5ef2acec559902eb8be6f2056878c1b4e07a6dad9de2389137e8e705e125baac Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Last-Modified Fri, 02 Mar 2018 16:06:19 GMT Server Apache/2.4.23 (Fedora) X-Powered-By PHP/5.6.26 Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control max-age=600 Connection close Content-Type application/x-javascript Content-Length 676 Expires Fri, 02 Mar 2018 16:16:19 GMT
GET H/1.1	200 OK	3b98efa19185dd7365b10cdca361547e.jpg news.goshare.tk/wp-content/uploads/2017/05/	26 KB 27 KB	593ms 592ms	Image image/jpeg	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://news.goshare.tk/wp-content/uploads/2017/05/3b98efa19185dd7365b10cdca361547e.jpg Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c5c79517088ca201c580bae07244bb76be7d99b931593d5972566840430b0d7c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773; PHPSESSID=lkne0clo8ao311ktceinvqaer4; 2b39a1748c9f74e81822ac16a2d28fe5=4e18b2e5ce69a1c8530e9735fb08c1e8; ckon1803=sject1803_3a1fab76799a5; SJECT1803=CKON1803 Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT CF-Cache-Status REVALIDATED Last-Modified Mon, 22 May 2017 21:08:32 GMT Server cloudflare ETag "6990-5502345ff7400" Vary Accept-Encoding Content-Type image/jpeg Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c2607d72774-FRA Content-Length 27024 Expires Fri, 02 Mar 2018 20:06:20 GMT
GET H/1.1	200 OK	bnr.php Show response ylx-1.com/	370 B 652 B	50ms 25ms	Script application/javascript	185.66.200.164 SKHOSTING-EU
General Check archive.org Show headers Download Go to Full URL http://ylx-1.com/bnr.php?section=General&pub=218314&format=728x90&ga=g Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 185.66.200.164 , Slovakia, ASN201702 (SKHOSTING-EU, SK), Reverse DNS 185.66.200.164.skhosting.eu Software nginx / Resource Hash 74cde4c1131c27001c9edd5b48bca52c13c840e22bd8e07ec8017682717c332f Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection close X-Robots-Tag noindex,nofollow Expires Sun, 01 Jan 1900 00:00:00 GMT
GET S	404	2_2-TRADING-EN_468x60.gif www.fxopenaffiliate.com/img/	13 KB 13 KB	525ms 387ms	Image text/html	104.28.9.103 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://www.fxopenaffiliate.com/img/2_2-TRADING-EN_468x60.gif Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 104.28.9.103 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.0, ASP.NET Resource Hash 6888d105ce33c6a1a68e27b1bf51cf32cd141eeb18016d18f3c6d2ad38625f9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status MISS server cloudflare status 404 x-powered-by PHP/5.6.0, ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 3f551c26eb81729b-AMS link <https://www.fxopenaffiliate.com/en/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	Zulutrade-affiliateGeneric-728x90-02.en.gif cripperz.zulutrade.com/Static/Banners/Affiliate/	93 KB 94 KB	231ms 122ms	Image image/gif	198.107.197.22 NTT America
General Check archive.org Show headers Download Go to Show image Full URL http://cripperz.zulutrade.com/Static/Banners/Affiliate/Zulutrade-affiliateGeneric-728x90-02.en.gif Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 198.107.197.22 Englewood, United States, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US), Reverse DNS Software nginx / Resource Hash 65bc2172bb972a85bade039d545897f4ed72751bac92b707a78ae7c551665fe0 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Last-Modified Fri, 10 Jul 2015 13:56:12 GMT Server nginx ETag "a949a22e18bbd01:0" Content-Type image/gif Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 95645 Expires Fri, 09 Mar 2018 16:06:20 GMT
GET S	200	advcash_eng_728_90.gif blog.cripperz.sg/wp-content/uploads/2017/05/	77 KB 77 KB	732ms 663ms	Image image/gif	104.28.20.59 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://blog.cripperz.sg/wp-content/uploads/2017/05/advcash_eng_728_90.gif Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 104.28.20.59 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a4f4b00e6df2bcf1eccec64f03b8e5d9d1872dc7ab9baa0197789312500471f9 Security Headers Name Value Strict-Transport-Security max-age=0; preload X-Content-Type-Options nosniff Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT x-content-type-options nosniff cf-cache-status REVALIDATED status 200 vary Accept-Encoding content-length 78612 last-modified Sun, 14 May 2017 10:37:48 GMT server cloudflare etag "13314-54f798796d700" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; preload content-type image/gif cache-control public, max-age=14400 accept-ranges bytes cf-ray 3f551c2678f09ca1-AMS expires Fri, 02 Mar 2018 20:06:20 GMT
GET H/1.1	200 OK	getads.js Show response cdn.chitika.net/	23 KB 9 KB	13ms 5ms	Script application/javascript	151.139.242.30 netDNA
General Check archive.org Show headers Download Go to Full URL http://cdn.chitika.net/getads.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 151.139.242.30 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash a3c4980b1b36eaa9395f1f676a8e317899d2f52a53cd428bcde3c240f0bfe028 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:05:36 GMT Content-Encoding gzip Last-Modified Tue, 26 Sep 2017 23:01:27 GMT Server NetDNA-cache/2.2 x-amz-request-id C05D0CA8914C8AC3 ETag "a82e0cf6d276acc6b2376f51af5f4f6b" Vary Accept-Encoding X-Cache HIT Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 9033 x-amz-id-2 YfRL8s5nChesUjXdh+7kZC3RHOlMAuiN7cVwQm5kzH/dmiwV1WWCvY5x0mhE5AH+sNvS6Z9JHxE= Expires Sat, 03 Mar 2018 16:05:36 GMT
GET H/1.1	200 OK	onejs Show response z-na.amazon-adsystem.com/widgets/	24 KB 8 KB	434ms 118ms	Script application/javascript	52.85.184.26 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=7d92fa00-d6d6-45aa-b38b-22ebba83cc59 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 52.85.184.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-184-26.fra2.r.cloudfront.net Software Server / Resource Hash e3bca73db41b7fd77dcb410c0535787d8cdc87468950123c2d92c7a0970b9071 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma Public Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Server Server X-Cache Miss from cloudfront Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * charset UTF-8 Cache-Control public,max-age=300,s-maxage=300,no-transform Cneonction close Connection keep-alive Content-Length 7940 Via 1.1 7b88ef0d81161ffd0111d52a2de2bd25.cloudfront.net (CloudFront) X-Amz-Cf-Id 9RdJfhf2ZFTflCf2dN74no2v45mgKEm4RWq_hLH2KJ-cjLTAldBpZg== Expires Fri, 02 Mar 2018 16:11:19 GMT
GET S	200	e-201809.js Show response stats.wp.com/	8 KB 3 KB	24ms 5ms	Script application/x-javascript	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-201809.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash aea0c8ddd84132838fcee935f9d827ec5f7ba116e443b25db7a5bcc944cbe914 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:19 GMT content-encoding gzip server nginx etag W/"5a0c8e17-3298" vary Accept-Encoding content-type application/x-javascript status 200 cache-control max-age=31536000 expires Thu, 14 Feb 2019 22:08:52 GMT
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET BLOB	200 OK	324327b1-d4cb-48b6-ad2e-44097f089fae http://news.goshare.tk/	221 KB 0		Other text/plain
General Check archive.org Show headers Download Go to Full URL blob:http://news.goshare.tk/324327b1-d4cb-48b6-ad2e-44097f089fae Requested by Host: coinhive.com URL: https://coinhive.com/lib/coinhive.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9a6e9774cb243be62cc1a42df09097e29c0a4fc0918804a8e6438b9c06227213 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Content-Length 226623
GET S	200	analytics.js Show response www.google-analytics.com/	35 KB 14 KB	7ms 6ms	Script text/javascript	172.217.18.14 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra02s19-in-f14.1e100.net Software Golfe2 / Resource Hash f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 13 Nov 2017 20:19:12 GMT server Golfe2 age 4337 date Fri, 02 Mar 2018 14:54:02 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 14597 expires Fri, 02 Mar 2018 16:54:02 GMT
GET H/1.1	200 OK	ads-priv.php Show response syndication.exdynsrv.com/	0 332 B	178ms 90ms	Script text/html	64.111.199.222 ISPrime
General Check archive.org Show headers Download Go to Full URL http://syndication.exdynsrv.com/ads-priv.php?i=0 Requested by Host: syndication.exdynsrv.com URL: https://syndication.exdynsrv.com/splash.php?idzone=2642378 Protocol HTTP/1.1 Server 64.111.199.222 Weehawken, United States, ASN23393 (ISPRIME - ISPrime, Inc., US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	popunder2.js Show response ads.exdynsrv.com/	63 KB 29 KB	13ms 7ms	Script text/javascript	205.185.216.42 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://ads.exdynsrv.com/popunder2.js Requested by Host: syndication.exdynsrv.com URL: https://syndication.exdynsrv.com/splash.php?idzone=2642378 Protocol HTTP/1.1 Server 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS map2.hwcdn.net Software / Resource Hash 620e46facb6ad1dae01b370c0f391bae3128ce53241f4475cdc19aba81c17690 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 02 Mar 2018 16:06:19 GMT Content-Encoding gzip Last-Modified Fri, 02 Mar 2018 13:28:15 GMT ETag 1519997295 X-HW 1520006779.dop002.fr8.t,1520006779.cds050.fr8.c Content-Type text/javascript;charset=UTF-8 Cache-Control max-age=10800 Connection Keep-Alive Accept-Ranges bytes Content-Length 29242
GET S	200	collect www.google-analytics.com/r/	35 B 101 B	14ms 14ms	Image image/gif	172.217.18.14 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j66&a=2046421354&t=pageview&_s=1&dl=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&ul=en-us&de=UTF-8&dt=17-Year-Old%20MS%20Office%20flaw%20CVE-2017-11882%20could%20be%20exploited%20to%20remotely%20install%20malware%20without%20victim%20interaction%20-%20News%20N%20Share&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=830796247&gjid=33246806&cid=96894775.1520006780&tid=UA-65744390-12&_gid=1483968876.1520006780&_r=1&z=737926678 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra02s19-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers pragma no-cache date Fri, 02 Mar 2018 16:06:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	raven.min.js Show response cdn.ravenjs.com/3.15.0/ Frame (A03	24 KB 10 KB	37ms 6ms	Script application/javascript	151.101.65.167 Fastly
General Check archive.org Show headers Download Go to Full URL https://cdn.ravenjs.com/3.15.0/raven.min.js Requested by Host: apps.shareaholic.com URL: http://apps.shareaholic.com/assets/pub/shareaholic.js Protocol SPDY Server 151.101.65.167 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software Fastly / Resource Hash 40a846bfb799526548c9213a41ed3e56a06c64bc18da15247f2177559d20476c Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:19 GMT content-encoding gzip last-modified Fri, 05 May 2017 20:23:49 GMT server Fastly age 33653 etag "adcbdfdf02c7ca6e9f8850ec1adf3830" vary Accept-Encoding content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 9553
GET S	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Mon, 12 Feb 2018 18:56:46 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:46 GMT server sffe age 1544973 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 8892 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 18:56:46 GMT
GET S	200	mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash 50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Thu, 08 Feb 2018 17:56:36 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:48 GMT server sffe age 1894184 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 8916 x-xss-protection 1; mode=block expires Fri, 08 Feb 2019 17:56:36 GMT
GET H/1.1	200 OK	serving.min.css cpx.acloudweb.com/newServing/css/	973 B 988 B	34ms 16ms	Stylesheet text/css	104.28.5.141 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cpx.acloudweb.com/newServing/css/serving.min.css Requested by Host: a.yesadsrv.com URL: http://a.yesadsrv.com/display.php?nid=4&zone=133138&type=banner&sid=82256&pid=11799&subid=&opt1=&opt2= Protocol HTTP/1.1 Server 104.28.5.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 725145218a43bdca03f51ced341052886c94ff7b63e8eb8a634e2e38912c4f0d Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Tue, 24 Oct 2017 17:29:17 GMT Server cloudflare ETag W/"441046632" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c2785a32c24-AMS Expires Fri, 02 Mar 2018 20:06:20 GMT
GET H/1.1	200 OK	cpxcenter.js Show response cpx.acloudweb.com/newServing/js/	20 KB 7 KB	35ms 18ms	Script text/javascript	104.28.5.141 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cpx.acloudweb.com/newServing/js/cpxcenter.js Requested by Host: a.yesadsrv.com URL: http://a.yesadsrv.com/display.php?nid=4&zone=133138&type=banner&sid=82256&pid=11799&subid=&opt1=&opt2= Protocol HTTP/1.1 Server 104.28.5.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a1f431a5eb9bc1d77e4a11f2478d7143de4dc71483ef822ce6fc21117af995dc Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 10 Nov 2017 19:53:23 GMT Server cloudflare ETag "3133059325" Vary Accept-Encoding Content-Type text/javascript Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c2785b22bd6-AMS Content-Length 6168 Expires Fri, 02 Mar 2018 20:06:20 GMT
GET H/1.1	200 OK	tracking_id.php a.yesadsrv.com/newServing/ Redirect Chain http://tr4.tagsd.com/newServing/tracking_id.php?d=a.yesadsrv.com&r=http%3A%2F%2Fa.yesadsrv.com%2FnewServing%2Ftracking_id.php%3Fb%3D1%26&gtruid=1 http://a.yesadsrv.com/newServing/tracking_id.php?b=1&UID=15200067807894&TRSTR=1&RTID=	43 B 685 B	204ms 104ms	Image image/gif	199.21.148.189 Yesup Ecommerce S...
General Check archive.org Show headers Download Go to Show image Full URL http://a.yesadsrv.com/newServing/tracking_id.php?b=1&UID=15200067807894&TRSTR=1&RTID= Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 199.21.148.189 North York, Canada, ASN22923 (YESUP-389 - Yesup Ecommerce Solutions Inc., CA), Reverse DNS yesup.com Software Apache/2.4.23 (Fedora) / Yesup/1.0 Resource Hash 300d762175638ff49fe1e91620dc5a5cef2113ee0d2866aad5f15e7f5602215a Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:20 GMT Server Apache/2.4.23 (Fedora) X-Powered-By Yesup/1.0 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache, must-revalidate Connection close Content-Type image/gif Content-Length 43 Redirect headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:20 GMT Server Apache/2.4.9 (Fedora) X-Powered-By Yesup/1.0 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location http://a.yesadsrv.com/newServing/tracking_id.php?b=1&UID=15200067807894&TRSTR=1&RTID= Cache-Control no-cache, must-revalidate Connection close Content-Type image/gif Content-Length 0
GET H/1.1	200 OK	shrMain.min.js Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/ Frame (A03	426 KB 81 KB	21ms 7ms	Script application/javascript	216.137.61.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Requested by Host: apps.shareaholic.com URL: http://apps.shareaholic.com/assets/pub/shareaholic.js Protocol HTTP/1.1 Server 216.137.61.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-71.fra2.r.cloudfront.net Software nginx / Resource Hash 9ce2bccf84aeaf9a79164eddc799e85cd4a77e400278c099fc60ae3e0d59e59c Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:06 GMT Content-Encoding gzip Age 313214 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 82291 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:32 GMT Server nginx Cache-Control max-age=31536000, public ETag "1c619172267a0dd2b9bb469896e27821" Content-Type application/javascript Via 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id RGxeppEeG1zYaPGE5Y-2BXgc7KRmQXT-lMllJOR86xIib-zkQjIRbQ==
GET S	200	cc.min.js Show response cdn.mamrtb.com/js/	16 KB 16 KB	25ms 7ms	Script application/javascript	130.211.23.63 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.mamrtb.com/js/cc.min.js Requested by Host: cpx.acloudweb.com URL: http://cpx.acloudweb.com/newServing/js/cpxcenter.js Protocol SPDY Server 130.211.23.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 63.23.211.130.bc.googleusercontent.com Software UploadServer / Resource Hash c49820c5713588e71b60eb3a5dbdc1dedc06472a96ea54c90d9dee63435559a5 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 15:25:43 GMT age 2437 x-guploader-uploadid AEnB2UqsK_K_Rcvf4M2E5yBfThBk0XKlFEhcvQiK2UEWYTGhAUxBG_fcr1Hi0b2ApQa-mZVSql94N5f8A6BMNk-j1vg-sZ1zfw x-goog-storage-class MULTI_REGIONAL status 200 x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc clear content-length 16404 last-modified Fri, 02 Feb 2018 22:46:54 GMT server UploadServer etag "507230ce8c70ae23a8c327a4a7c44131" x-goog-hash crc32c=bml69g==, md5=UHIwzoxwriOowyekp8RBMQ== content-language en x-goog-generation 1517611614212138 cache-control public, max-age=3600 x-goog-stored-content-length 16404 accept-ranges bytes content-type application/javascript expires Fri, 02 Mar 2018 16:25:43 GMT
GET H/1.1	200 OK	i_icon.png cpx.acloudweb.com/newServing/img/	3 KB 3 KB	16ms 16ms	Image image/png	104.28.5.141 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://cpx.acloudweb.com/newServing/img/i_icon.png Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.28.5.141 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2f5ec7608dea4b4d2c67562e079c74862eee62ff0aa5a3f303d13df1c1d13838 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT CF-Cache-Status HIT Last-Modified Mon, 17 Oct 2016 20:53:58 GMT Server cloudflare ETag "2484684622" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c27c5c52bd6-AMS Content-Length 3063 Expires Fri, 02 Mar 2018 20:06:20 GMT
GET S	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v18/	10 KB 11 KB	6ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash 4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Mon, 12 Feb 2018 19:33:49 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:51 GMT server sffe age 1542751 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 10748 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 19:33:49 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 news.goshare.tk/wp-content/themes/glob/assets/fonts/	65 KB 65 KB	8ms 7ms	Font application/octet-stream	104.27.147.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/wp-content/themes/glob/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.27.147.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Request headers Pragma no-cache Origin http://news.goshare.tk Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept */* Referer http://news.goshare.tk/wp-content/themes/glob/assets/css/font-awesome.min.css?ver=4.5 Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773; PHPSESSID=lkne0clo8ao311ktceinvqaer4; 2b39a1748c9f74e81822ac16a2d28fe5=4e18b2e5ce69a1c8530e9735fb08c1e8; ckon1803=sject1803_3a1fab76799a5; SJECT1803=CKON1803; splash_i=false; _ga=GA1.2.96894775.1520006780; _gid=GA1.2.1483968876.1520006780; _gat=1 Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://news.goshare.tk/wp-content/themes/glob/assets/css/font-awesome.min.css?ver=4.5 Origin http://news.goshare.tk Response headers Date Fri, 02 Mar 2018 16:06:20 GMT CF-Cache-Status HIT Last-Modified Mon, 06 Nov 2017 19:54:01 GMT Server cloudflare ETag "10440-55d55d0e0d273" Vary Accept-Encoding Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c27e080271a-FRA Content-Length 66624 Expires Fri, 02 Mar 2018 20:06:20 GMT
GET S	200	memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash eddd570b5f00d47fee36343bade86dcb0ab86a2c30dedcde3f58504d2a8569dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Thu, 08 Feb 2018 22:32:38 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:54 GMT server sffe age 1877622 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 9412 x-xss-protection 1; mode=block expires Fri, 08 Feb 2019 22:32:38 GMT
GET S	200	search Show response serving.mamrtb.com/cc/	20 B 175 B	106ms 105ms	Script application/javascript	130.211.23.63 Google LLC
General Check archive.org Show headers Download Go to Full URL https://serving.mamrtb.com/cc/search?w=468&h=60&nid=4&pid=11799&sid=82256&zone=133138&p=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&r=&f=01&callback=callback33938587 Requested by Host: cdn.mamrtb.com URL: https://cdn.mamrtb.com/js/cc.min.js Protocol SPDY Server 130.211.23.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 63.23.211.130.bc.googleusercontent.com Software / Resource Hash 7c58483720dadbbe5075f925f5f6875e18d17adf852c4529f6db279a9604ced5 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers pragma no-cache date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip x-openrtb-version 2.5 content-type application/javascript status 200 cache-control no-cache, must-revalidate alt-svc clear content-length 46 via 1.1 google
GET S	200	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v18/	11 KB 11 KB	7ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash 1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Thu, 08 Feb 2018 17:50:16 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:33:03 GMT server sffe age 1894564 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 10764 x-xss-protection 1; mode=block expires Fri, 08 Feb 2019 17:50:16 GMT
GET DATA	200 OK	truncated /	18 KB 0		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 895964971ebdb56ee76d08850bcb4c5a88ec4c65e6a235882304e8ff6767cd7c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://news.goshare.tk/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 Origin http://news.goshare.tk Response headers Access-Control-Allow-Origin * Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	getad Show response aax-us-east.amazon-adsystem.com/x/	121 KB 25 KB	528ms 236ms	Script text/javascript	54.239.17.113 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://aax-us-east.amazon-adsystem.com/x/getad?src=308&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22placement%22%3A%22adunit0%22%2C%22enable_interest_ads%22%3A%22true%22%2C%22tracking_id%22%3A%22cripperz-20%22%2C%22fallback_mode%22%3A%7B%22type%22%3A%22search%22%2C%22value%22%3A%22kinky%22%7D%2C%22ad_mode%22%3A%22auto%22%2C%22ad_type%22%3A%22smart%22%2C%22emphasize_categories%22%3A%22979455011%2C3367581%2C672123011%2C3250697011%2C3375251%2C2238192011%2C16310101%2C3760901%2C3760911%2C165796011%2C2617941011%2C1036592%2C2335752011%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22linkid%22%3A%227b9966b49a42d40bf044524bcdbdaa41%22%2C%22default_category%22%3A%22All%22%2C%22viewerCountry%22%3A%22DE%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22cripperz-20%22%2C%22acap_categoryConstraints%22%3A%5B%7B%22category%22%3A%22979455011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%223367581%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%22672123011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%223250697011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%223375251%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%222238192011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%2216310101%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%223760901%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%223760911%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%22165796011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%222617941011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%221036592%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%2C%7B%22category%22%3A%222335752011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%5D%2C%22slotNum%22%3A0%2C%22ead%22%3A4%7D&u=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&jscb=amzn_assoc_jsonp_callback_adunit0_0 Requested by Host: z-na.amazon-adsystem.com URL: http://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=7d92fa00-d6d6-45aa-b38b-22ebba83cc59 Protocol HTTP/1.1 Server 54.239.17.113 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software Server / Resource Hash 06c0c22b73152e90cb9e052f58fcab619daf704a82f6191524386fe4bb8d6157 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip Server Server Vary Accept-Encoding,User-Agent Content-Type text/javascript;charset=UTF-8 Transfer-Encoding chunked Connection Keep-Alive Keep-Alive timeout=2, max=10
GET S	200	KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 fonts.gstatic.com/s/roboto/v18/	11 KB 11 KB	6ms 6ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 Requested by Host: cdn.chitika.net URL: http://cdn.chitika.net/getads.js Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700&ver=0.1.3 Origin http://news.goshare.tk Response headers date Thu, 08 Feb 2018 17:50:17 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe age 1894563 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 10788 x-xss-protection 1; mode=block expires Fri, 08 Feb 2019 17:50:17 GMT
GET H/1.1	200 OK	/ Show response news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/	2 KB 1 KB	1411ms 1411ms	XHR application/json	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/?relatedposts=1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/wp-includes/js/jquery/jquery.js?ver=1.12.4 Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 178c29b664c8ad3e79587a35d80520118229525d14f6d2276474267a5680b03f Security Headers Name Value X-Content-Type-Options nosniff Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ X-Requested-With XMLHttpRequest Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773; PHPSESSID=lkne0clo8ao311ktceinvqaer4; 2b39a1748c9f74e81822ac16a2d28fe5=4e18b2e5ce69a1c8530e9735fb08c1e8; ckon1803=sject1803_3a1fab76799a5; SJECT1803=CKON1803; splash_i=false; _ga=GA1.2.96894775.1520006780; _gid=GA1.2.1483968876.1520006780; _gat=1 Connection keep-alive Cache-Control no-cache Accept application/json, text/javascript, */*; q=0.01 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Pingback http://news.goshare.tk/xmlrpc.php Content-Type application/json; charset=utf-8 Transfer-Encoding chunked Connection keep-alive CF-RAY 3f551c29f0fb2774-FRA X-UA-Compatible IE=edge
GET S	200	sdk.js Show response connect.facebook.net/en_US/ Redirect Chain http://connect.facebook.net/en_US/sdk.js?_=1520006778968 https://connect.facebook.net/en_US/sdk.js?_=1520006778968	212 KB 66 KB	82ms 68ms	Script application/x-javascript	185.60.216.19 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?_=1520006778968 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 1149cd0b55557793198bdbf387375759d52b413bc6db7449c02fa3f79c7e0e67 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 M2oWuPua5rWd1IyMV2auNQ== status 200 content-length 66774 x-xss-protection 0 x-fb-debug jNqUKVcEk9R9p49kc7mtzRBKyMTlka6e1ikmYJa3U0SaIqAADZeqUoOrRVXeJB65O/9h02mMb70QRhgI5j6UZA== x-fb-content-md5 85396a4f415dbe5c42e7579166336213 x-frame-options DENY date Fri, 02 Mar 2018 16:06:20 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "b4ef02dbcee6709922a03d1405cc1945" content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; timing-allow-origin * expires Fri, 02 Mar 2018 16:26:20 GMT Redirect headers Location https://connect.facebook.net/en_US/sdk.js?_=1520006778968 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	minimall Show response mm.chitika.net/ Frame (E0B	2 KB 1 KB	260ms 149ms	Script text/javascript	34.195.4.146 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://mm.chitika.net/minimall?output=jsonp&publisher=cripperz&unit_id=0&sid=Chitika%20Default&cid=unit_0&calltype=async%5B2%5D&w=300&h=600&url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&dpr=1&impsrc=getads&history=2&size_screen=1600x1200&size_scroll=1585x2313&size_viewport=1600x1200&vsn=8.2&snip_title=17-Year-Old%20MS%20Office%20flaw%20CVE-2017-11882%20could%20be%20exploited%20to%20remotely%20install%20malware%20without%20vic Requested by Host: cdn.chitika.net URL: http://cdn.chitika.net/getads.js Protocol HTTP/1.1 Server 34.195.4.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-4-146.compute-1.amazonaws.com Software Apache / Resource Hash a8c53beff5a0890bfebe64eefbc6b69a010a9f2b69deaa12d1a63b365d5d39dc Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip Server Apache Connection keep-alive Content-Length 1020 Vary Accept-Encoding Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	g.gif pixel.wp.com/	50 B 215 B	13ms 7ms	Image image/gif	192.0.76.3 Automattic
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/g.gif?v=ext&j=1%3A5.7.1&blog=129484911&post=54453&tz=0&srv=news.goshare.tk&host=news.goshare.tk&ref=&rand=0.3948734803657141 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 50 Content-Type image/gif
GET S	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame (A03	82 KB 29 KB	6ms 6ms	Script text/javascript	216.58.206.10 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 216.58.206.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f10.1e100.net Software sffe / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 12 Feb 2018 21:22:18 GMT content-encoding gzip x-content-type-options nosniff age 1536242 status 200 alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 29707 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Feb 2019 21:22:18 GMT
GET S	200	lodash.min.js Show response cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.0/ Frame (A03	49 KB 19 KB	47ms 15ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/lodash.js/3.10.0/lodash.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 25d64b1ec0b422a5df19046e3a6ef88021138da8c3b97bcad56fb687e212e906 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Jun 2016 14:42:40 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2b292e237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET S	200	URI.js Show response cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/ Frame (A03	55 KB 13 KB	40ms 14ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/URI.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash f140bee0aa1ef3debcd8d8bc49ed188d4b6232d155a2d5606d400f3f8ac32faf Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Jun 2016 14:39:20 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2b292f237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET S	200	most.min.js Show response cdnjs.cloudflare.com/ajax/libs/most/0.15.0/ Frame (A03	54 KB 13 KB	31ms 10ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/most/0.15.0/most.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 183411d5757492ee3db1cd81aba05179ebfc46db07a386173cfee38e5976b4c3 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 07 Oct 2016 03:16:21 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2b2930237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET S	200	punycode.min.js Show response cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/ Frame (A03	3 KB 2 KB	21ms 9ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/punycode.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 051051b435a0dc0e3e677045a94fb80610528100dceb49bb599463fbf40867c8 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Jun 2016 14:39:20 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2b2931237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET H/1.1	200 OK	app.js Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/adminbadge/ Frame (A03	4 KB 2 KB	9ms 9ms	Script application/javascript	216.137.61.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/adminbadge/app.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 216.137.61.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-71.fra2.r.cloudfront.net Software nginx / Resource Hash e99a89edf9329520d29b48d108f94703395753d69474e4b18a29a7a6493dd26c Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:06 GMT Content-Encoding gzip Age 313214 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 1863 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:28 GMT Server nginx Cache-Control max-age=31536000, public ETag "2e457f32d819a87bb66d2947aa649294" Content-Type application/javascript Via 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id 0cYCzVc90GicOc_JeUEF9AWfRhyxSGwL4fmcXfwDj8wktiYAUI2p6w==
GET S	200	IPv6.min.js Show response cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/ Frame (A03	973 B 923 B	9ms 9ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/IPv6.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3591464c3e232d722279fe74c9babb3117553961ba3d7fcf7b5a5dacedcb1494 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Jun 2016 14:39:20 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2bb995237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET S	200	SecondLevelDomains.min.js Show response cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/ Frame (A03	8 KB 3 KB	8ms 8ms	Script application/javascript	104.19.193.102 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/URI.js/1.14.2/SecondLevelDomains.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 104.19.193.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0274f3bc8a0a2af2b21f4ea019b8b8ade926834c4abdd2c77fbf5f1029857ef4 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:20 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 22 Jun 2016 14:39:20 GMT server cloudflare status 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 strict-transport-security max-age=15780000; includeSubDomains cf-ray 3f551c2bb996237e-FRA expires Wed, 20 Feb 2019 16:06:20 GMT
GET S	200	angular.min.js Show response ajax.googleapis.com/ajax/libs/angularjs/1.3.5/ Frame (A03	122 KB 45 KB	6ms 5ms	Script text/javascript	216.58.206.10 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/angularjs/1.3.5/angular.min.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol SPDY Server 216.58.206.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s20-in-f10.1e100.net Software sffe / Resource Hash 1b733be3b94a8ec2ff6bbd1e19f511b8a57f0a1f00f047528dc0ebc44d36b665 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 12 Feb 2018 16:28:56 GMT content-encoding gzip x-content-type-options nosniff age 1553844 status 200 alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 46024 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2016 18:17:03 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 12 Feb 2019 16:28:56 GMT
GET S	200	/ www.facebook.com/impression.php/fa23d4ef7c0ad4/	43 B 303 B	47ms 47ms	Image image/gif	185.60.216.35 Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/impression.php/fa23d4ef7c0ad4/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug mSNPjDRR+fMSGZ92Z3Lerq0of2w8snhDCqjBrk/7Vg8Kp38g9HfDtbYJThi60ioFQE9WH99UambNV6p5Hw2NEQ== date Fri, 02 Mar 2018 16:06:20 GMT expect-ct max-age=10, report-uri="http://reports.fb.com/expectct/" strict-transport-security max-age=15552000; preload access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin https://www.facebook.com access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	204 No Content	chewey mm.chitika.net/	0 149 B	121ms 121ms	Image text/plain	34.195.4.146 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://mm.chitika.net/chewey?event=imp_visible&publisher=cripperz&impId=441b8cd2648bd3507ae7d314ed93873f&url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&vsn=8.2&container_height=605&container_width=312&unit_id=0&h=600&offset_h=0&sid=Chitika%20Default&viewport_h=1200&viewport_w=1600&xargs=QQXuudYJXdtSAgmL7%2FMtNdJkdPPREr%2F3EEAQ8Skn892QB%2FzpFHiigQtOXjQXDbL6x%2FGangnETJDvEzycDiryILhikeAWg4D6%2Fv3ek8uUVeuWyPIvU7bo6sWE%2BAxGJco54co1Xpfsl3jzJVISfsxXV9S%2BFMn4rqq5LcEefG2qvsdEn2nnd%2FcDRwPNNCBNFhQgtBBgIqlFtf5ZkQTzM1NVz6pBZMLdEWAdXKCywnCfa2BSCx8jTYpXvNS9fnShd7XiH3H5klINx5LeBWiSSNoFrj84J858ojxelXnBxQ4hVBOEde7a2WclTBxAL3aDZqoY7%2BEMkveQHNjT4DltcEK2WlOrd69h%2BYMvHB2E6kiSsVQnaqVRb2lc8DtSrB0Be2Pr4yDsBfa1ZUMOJbkEQdL7InNFnajYEug%2FP3ZfZvNde50mxvCRAw4mrmERu5CMVPqC7stcxsvsM7CosNWyzYi4JgKFQNKlvEBm8GhqON2obTn9RubeN6FUJQ%2FDMfvl4j%2Bgv3h%2BUZsSyI%2B%2Ftb61HcfLJdh7gGxMvl72&w=300&y=423 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 34.195.4.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-195-4-146.compute-1.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Server Apache Connection keep-alive Content-Length 0 Content-Type text/plain
GET H/1.1	200 OK	getjs.aspx Show response tag.contextweb.com/TagPublish/ Frame (E0B	1 KB 1 KB	25ms 19ms	Script application/x-javascript	151.101.112.166 Fastly
General Check archive.org Show headers Download Go to Full URL http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300x600&cwpid=560544&cwwidth=300&cwheight=600&cwpnet=1&cwtagid=512282 Requested by Host: cdn.chitika.net URL: http://cdn.chitika.net/getads.js Protocol HTTP/1.1 Server 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software Jetty(9.4.6.v20170531) / Resource Hash bfb92868f0ba29f9a5a1195c64cd576a37c90ee57d7a2a5dec2afa762bdbbcca Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:20 GMT Content-Encoding gzip Content-Type application/x-javascript Server Jetty(9.4.6.v20170531) Age 0 X-Served-By cache-hhn1539-HHN X-Cache MISS P3P policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" Via 1.1 varnish Cache-Control no-cache, no-store Connection keep-alive Accept-Ranges bytes X-Timer S1520006781.985726,VS0,VE14 Content-Length 690 X-Cache-Hits 0
GET H/1.1	200 OK	pageview.gif analytics.shareaholic.com/dough/1.0/	43 B 419 B	247ms 110ms	Image image/gif	34.206.79.23 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://analytics.shareaholic.com/dough/1.0/pageview.gif?id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53&referrer=&canon=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&cl=en-US&site=e082f27f36e11730a61b863f4e030c39 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 34.206.79.23 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-206-79-23.compute-1.amazonaws.com Software Jetty(9.3.15.v20161220) / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Cache-Control no-cache Server Jetty(9.3.15.v20161220) Connection keep-alive P3P CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC" Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	rtset Show response bh.contextweb.com/bh/ Frame (E0B Redirect Chain http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc http://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGJL5686L-_VwoUHyRTzGO4&google_cver=1	0 872 B	30ms 24ms	Script application/x-javascript	151.101.112.166 Fastly
General Check archive.org Show headers Download Go to Full URL http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGJL5686L-_VwoUHyRTzGO4&google_cver=1 Requested by Host: blank URL: about:blank Protocol HTTP/1.1 Server 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software Jetty(9.4.6.v20170531) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Via 1.1 varnish Server Jetty(9.4.6.v20170531) Content-Language en-US P3P policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" Expires -1 Cache-Control private, max-age=0, no-cache, no-store X-Cache-Hits 0 X-Cache MISS Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript;charset=iso-8859-1 CW-Server ams-bh02 Content-Length 0 X-Served-By cache-hhn1541-HHN Redirect headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:21 GMT Server HTTP server (unknown) P3P policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Location http://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEGJL5686L-_VwoUHyRTzGO4&google_cver=1 Cache-Control no-cache, must-revalidate Content-Type text/html; charset=UTF-8 Content-Length 305 X-XSS-Protection 1; mode=block Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	getjs.static.js Show response tag-st.contextweb.com/TagPublish/ Frame (E0B	33 KB 12 KB	11ms 5ms	Script application/x-javascript	151.101.112.166 Fastly
General Check archive.org Show headers Download Go to Full URL http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30 Requested by Host: tag.contextweb.com URL: http://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=300x600&cwpid=560544&cwwidth=300&cwheight=600&cwpnet=1&cwtagid=512282 Protocol HTTP/1.1 Server 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software Jetty(9.4.6.v20170531) / Resource Hash d9c83831c4fd8a292e99c3599fd935f6d9e95728e022d8903d983e816c8edfe6 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip Age 526 X-Cache HIT P3P policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" Connection keep-alive Content-Length 11586 X-Served-By cache-hhn1537-HHN Server Jetty(9.4.6.v20170531) X-Timer S1520006781.217315,VS0,VE0 ETag 41ce410a657f6ff4203a5d7662febbe1b696d4a5 Content-Type application/x-javascript Via 1.1 varnish Cache-Control max-age=432000, public Accept-Ranges bytes X-Cache-Hits 320
GET S	200	/ www.facebook.com/impression.php/f3487697b63d34/	43 B 196 B	52ms 52ms	Image image/gif	185.60.216.35 Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/impression.php/f3487697b63d34/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; content-encoding gzip x-content-type-options nosniff status 200 vary Origin, Accept-Encoding x-xss-protection 0 pragma no-cache x-fb-debug imY5lKxIpIbmneTfCgTTcpDkb38yS3XtpB/6ri4yC78hIaj9pabk2xvFb77nz/Fionh2GMeq9fWa3R1m49zO/A== date Fri, 02 Mar 2018 16:06:21 GMT expect-ct max-age=10, report-uri="http://reports.fb.com/expectct/" strict-transport-security max-age=15552000; preload access-control-allow-methods OPTIONS content-type image/gif access-control-allow-origin https://www.facebook.com access-control-expose-headers X-FB-Debug, X-Loader-Length cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	app.js Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/sharebuttons/ Frame (A03	275 KB 46 KB	7ms 7ms	Script application/javascript	216.137.61.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/sharebuttons/app.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 216.137.61.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-71.fra2.r.cloudfront.net Software nginx / Resource Hash 838ee9f099d925d06b35ae1ad70fd5d4f37d5911fac6ab90e01032fcc1d75839 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:07 GMT Content-Encoding gzip Age 313214 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 46807 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:29 GMT Server nginx Cache-Control max-age=31536000, public ETag "c15bedc882d71f8fa8d39b136bc33d3b" Content-Type application/javascript Via 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id ibERhNAekb28aesdWFmUV4ua_AfVDyC4O9bRldAXtTrRM32FTc-23Q==
GET H/1.1	200 OK	app.js Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/recommendations/ Frame (A03	84 KB 14 KB	21ms 14ms	Script application/javascript	216.137.61.79 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/recommendations/app.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 216.137.61.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-79.fra2.r.cloudfront.net Software nginx / Resource Hash 5af7ecfb59e1ef2ed8d01761a53c69569c92d8d3aca1e3b821303fcf62751b21 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:09 GMT Content-Encoding gzip Age 313212 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 13291 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:28 GMT Server nginx Cache-Control max-age=31536000, public ETag "f036ca17254816961043872292ea6e75" Content-Type application/javascript Via 1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id tMOROkZnJIVddN67rLW5jeB1OXkr76POHG8l047wTXIExM5xQPRxcQ==
GET H/1.1	200 OK	app.js Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/cookieconsent/ Frame (A03	7 KB 3 KB	16ms 9ms	Script application/javascript	216.137.61.71 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/apps/cookieconsent/app.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 216.137.61.71 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-71.fra2.r.cloudfront.net Software nginx / Resource Hash 9249ddc6b74beb57df3a39459b3dd68f23625a0babd53ca0d90b29d959465b60 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:07 GMT Content-Encoding gzip Age 313214 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 2423 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:28 GMT Server nginx Cache-Control max-age=31536000, public ETag "2c51f03f820ca67f261239517e098f9e" Content-Type application/javascript Via 1.1 1a483cde6df004748f3e5c80dc46df26.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id uXpVaNstS5ku8yvzH_OLrQNWftdA8-of5-ZYbIQDc76cbCtmmztXKg==
GET H/1.1	200 OK	vglnk.js Show response clickcdn.shareaholic.com/api/	78 KB 28 KB	22ms 16ms	Script text/javascript	104.16.161.13 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://clickcdn.shareaholic.com/api/vglnk.js Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 104.16.161.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 92efc665ebca8487dc337b4ad91d83a8f49d7b275b77903dc22a3c335adc12d9 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip CF-Cache-Status HIT x-amz-request-id D578FFC61E0105EF Connection keep-alive Content-Length 27647 x-amz-id-2 E6izgLfwJCx//zMuuOmz8qmYbZ8qsQ5F+nNcKyE/div23Cpj8FkTVcXVY9FXW6U7rLgNeLJaYfQ= Last-Modified Tue, 27 Feb 2018 18:50:27 GMT Server cloudflare ETag "a3898990903acdbf47b8aa1eea719e0b" Vary Accept-Encoding Content-Type text/javascript Cache-Control public, max-age=60 Accept-Ranges bytes CF-RAY 3f551c2eb0989726-FRA Expires Fri, 02 Mar 2018 16:07:21 GMT
GET H/1.1	200 OK	asid Show response recs.shareaholic.com/ Frame (A03	100 B 357 B	637ms 217ms	XHR application/json	34.233.68.78 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://recs.shareaholic.com/asid?location=http%3A%2F%2Fnews.goshare.tk%2F&api_key=e082f27f36e11730a61b863f4e030c39 Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.15.0/raven.min.js Protocol HTTP/1.1 Server 34.233.68.78 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-68-78.compute-1.amazonaws.com Software Jetty(9.3.15.v20161220) / Resource Hash 476a7a3db0208b307a28fe04b14d7b4aa319c9aa1f9eb3e3885744ef84e9793f Request headers Accept */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Access-Control-Allow-Origin http://news.goshare.tk Access-Control-Allow-Credentials true Server Jetty(9.3.15.v20161220) Connection keep-alive Content-Length 100 Vary Accept-Encoding, User-Agent Content-Type application/json
GET H/1.1	200 OK	partners.js Show response partner.shareaholic.com/	4 KB 2 KB	457ms 148ms	Script application/javascript	107.20.140.231 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Requested by Host: dsms0mj1bbhn4.cloudfront.net URL: http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/shrMain.min.js Protocol HTTP/1.1 Server 107.20.140.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-107-20-140-231.compute-1.amazonaws.com Software Jetty(9.3.15.v20161220) / Resource Hash c1ae911f23779d60168464b52eab62fa3cc91d7627548661f8728d96e5edc915 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Content-Encoding gzip Server Jetty(9.3.15.v20161220) Vary Accept-Encoding, User-Agent P3P CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC' Cache-Control no-cache, no-store, must-revalidate Connection close Content-Type application/javascript; charset=utf-8 Expires 0
GET H/1.1	200 OK	logo.svg dsms0mj1bbhn4.cloudfront.net/v2/4de109d5343df5fb666bc3fa34a8e8fd534773c7/images/badge/	743 B 962 B	8ms 7ms	Image image/svg+xml	216.137.61.79 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/4de109d5343df5fb666bc3fa34a8e8fd534773c7/images/badge/logo.svg Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 216.137.61.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-79.fra2.r.cloudfront.net Software nginx / Resource Hash 90fadc153cb3202eb4e63fa7f561f19d28ba6b66e1a91a57813c66c3032d54d9 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Mon, 22 Jan 2018 03:12:46 GMT Content-Encoding gzip Age 3416015 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 360 Access-Control-Allow-Origin * Last-Modified Mon, 22 Jan 2018 03:11:59 GMT Server nginx Cache-Control max-age=31536000, public ETag "7a52dac630d29c308609b1fc7e2ae382" Content-Type image/svg+xml Via 1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id En2lk0YE5Q1M6gLYIZnHZiZfKH2AcAn6FcRPudq9ddoV8ARunhM8cQ==
GET H/1.1	200 OK	amzn-nsa-sprite-2x.png wms-na.amazon-adsystem.com/panda/20070822/US/img/	4 KB 5 KB	316ms 7ms	Image image/png	54.230.95.122 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://wms-na.amazon-adsystem.com/panda/20070822/US/img/amzn-nsa-sprite-2x.png Requested by Host: URL: dynscript-1.js Protocol HTTP/1.1 Server 54.230.95.122 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-54-230-95-122.fra2.r.cloudfront.net Software Server / Resource Hash 3d363721e733cd455560f59c74cffdb28148623c7c716a23403bd6b85696b4fa Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Wed, 28 Feb 2018 10:47:41 GMT Via 1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront) Last-Modified Thu, 11 Jan 2018 08:51:16 GMT Server Server Age 191920 ETag "10ef-5627c403c847f" X-Cache Hit from cloudfront Content-Type image/png Charset UTF-8 Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 4335 X-Amz-Cf-Id RSOgI3Q6TPel5Gueh8ykY5gDRc82uCopLiFPPxazyg48l3VjPNAr0g== Expires Wed, 07 Mar 2018 10:47:41 GMT
GET H/1.1	200 OK	user_info Show response shareaholic.com/v2/ Frame (A03	185 B 507 B	744ms 114ms	Script application/json	52.4.156.167 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://shareaholic.com/v2/user_info?callback=jQuery213023723476811602096_1520006780705&_=1520006780706 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Protocol HTTP/1.1 Server 52.4.156.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-4-156-167.compute-1.amazonaws.com Software / Resource Hash 9af3bab7de9751d0c734eed1e55306b7e3f9e31ab18c56955783870ad341ba9b Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers X-Runtime 0.004848 ETag 726d13235a959d76e3b4bac169250535 Vary Origin Content-Type application/json; charset=utf-8 X-Git-Revision Cache-Control max-age=0, private, must-revalidate, no-transform Connection keep-alive Content-Length 185 X-Request-Id b2441fb4-fd49-458f-8dd3-a9bba421b316
GET H/1.1	200 OK	pixel.gif cdn.viglink.com/images/	43 B 689 B	16ms 10ms	Image image/gif	104.16.160.13 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.5746770859453314 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.16.160.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT CF-Cache-Status HIT Last-Modified Tue, 10 Feb 2015 03:29:39 GMT Server cloudflare x-amz-request-id 480FE8A16E8876C4 ETag "221d8352905f2c38b3cb2bd191d630b0" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=15, must-revalidate Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c3003369804-FRA Content-Length 43 x-amz-id-2 nx4ztmy9xtXAq3L/qrp8U9wziVMxiZkMuViZzajHp7nDEQ+2Y3vyhXsWQbzGOoit6Yi0+tUL/1Y=
GET H/1.1	200 OK	pixel.gif cdn.viglink.com/images/	43 B 689 B	19ms 12ms	Image image/gif	104.16.161.13 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.5746770859453314 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.16.161.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT CF-Cache-Status HIT Last-Modified Tue, 10 Feb 2015 03:29:39 GMT Server cloudflare x-amz-request-id 480FE8A16E8876C4 ETag "221d8352905f2c38b3cb2bd191d630b0" Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=15, must-revalidate Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c3002e197b6-FRA Content-Length 43 x-amz-id-2 nx4ztmy9xtXAq3L/qrp8U9wziVMxiZkMuViZzajHp7nDEQ+2Y3vyhXsWQbzGOoit6Yi0+tUL/1Y=
GET DATA	200 OK	truncated / Frame (A03	37 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET H/1.1	200 OK	GetAd.aspx Show response ads.contextweb.com/TagPublish/ Frame (E0B	5 KB 3 KB	25ms 18ms	Script application/x-javascript	151.101.112.166 Fastly
General Check archive.org Show headers Download Go to Full URL http://ads.contextweb.com/TagPublish/GetAd.aspx?tagver=1&ca=VIEWAD&cp=560544&ct=512282&cwod=&epid=&esid=&brk=false&ccid=&wp=0&cf=300x600&asv=30&rq=1&dw=300&cwu=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&cwr=&mrnd=48014306&if=1&tl=-1&pxy=1151,723&cxy=300,600&dxy=1585,2671&tz=0&ln=en-US&acid=pp_ad_container_0 Requested by Host: tag-st.contextweb.com URL: http://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30 Protocol HTTP/1.1 Server 151.101.112.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software Jetty(9.4.6.v20170531) / Resource Hash dfe0479078924db83da5e7d6861a0dd023c4cdf6d9ea7372bc482c5f4ca5b8e6 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip X-Cache MISS P3P policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" Connection keep-alive Content-Length 1905 X-Served-By cache-hhn1536-HHN Pragma no-cache Server Jetty(9.4.6.v20170531) CWDL 12/139 Via 1.1 varnish Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control private, max-age=0, no-cache, no-store Accept-Ranges bytes Content-Type application/x-javascript; charset=utf-8 CW-Server AMS-PRTS00:8080 AMS-TAG11:8080 X-Cache-Hits 0
GET S	200	css fonts.googleapis.com/	461 B 429 B	16ms 16ms	Stylesheet text/css	172.217.18.170 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Shadows+Into+Light Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Protocol SPDY Server 172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f10.1e100.net Software ESF / Resource Hash 3d2cd7fd783c67dba62b61dbfc529992f5de5a0c8eb6cfbfd4fcf7f94e332fcd Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:21 GMT content-encoding gzip last-modified Fri, 02 Mar 2018 16:06:21 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" x-xss-protection 1; mode=block expires Fri, 02 Mar 2018 16:06:21 GMT
GET H/1.1	200 OK	arrow_version_1.svg Show response dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/images/share-buttons/share-arrows/1/ Frame (A03	2 KB 2 KB	13ms 7ms	XHR image/svg+xml	216.137.61.177 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/images/share-buttons/share-arrows/1/arrow_version_1.svg?color= Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.15.0/raven.min.js Protocol HTTP/1.1 Server 216.137.61.177 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-177.fra2.r.cloudfront.net Software nginx / Resource Hash 79749f1725bf191cef4de7f1f92caa16a676b733221a74bc78af82bbc77b3dc1 Request headers Accept application/json, text/plain, */* Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 27 Feb 2018 01:06:09 GMT Content-Encoding gzip Age 313212 X-Cache Hit from cloudfront Connection keep-alive Content-Length 992 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:32 GMT Server nginx X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs ETag "17e62e8877cc9dc1228b3aa04138c390" Access-Control-Max-Age 2000 Access-Control-Allow-Methods GET, HEAD, PUT, POST, DELETE Content-Type image/svg+xml Via 1.1 e72ed739d85b0c5633dfd1f214a1adca.cloudfront.net (CloudFront) Access-Control-Expose-Headers ETag, Access-Control-Allow-Origin Cache-Control max-age=31536000, public Accept-Ranges bytes X-Amz-Cf-Id bZ4RxecpYE5L8FDr73KNsP0XPxnDiTRwHfFvh8wy27i_WM6KFhF9Qw==
GET DATA	200 OK	truncated /	492 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4299f2aaa46eea61cff7da0f945e26cf0ace8a35ea912182e7df2a9958db8e10 Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET H/1.1	200 OK	demconf.jpg Show response dpm.demdex.net/ Frame (E0B Redirect Chain http://dpm.demdex.net/ibs:dpid=96678&dpuuid=L6we9SCyH1OV http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=L6we9SCyH1OV	42 B 767 B	49ms 36ms	Script image/gif	52.208.135.160 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=L6we9SCyH1OV Requested by Host: blank URL: about:blank Protocol HTTP/1.1 Server 52.208.135.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-208-135-160.eu-west-1.compute.amazonaws.com Software / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers DCS irl1-prod-dcs-019be7bf1.edge-irl1.demdex.com 5.24.5.20180207092905 3ms Pragma no-cache Date Fri, 02 Mar 2018 16:06:21 GMT X-TID BIyC0frSQVo= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 2009 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:21 GMT X-TID eY7oY/H0SVc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location http://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=96678&dpuuid=L6we9SCyH1OV Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 2009 00:00:00 GMT
GET H/1.1	200 OK	400066.gif idsync.rlcdn.com/ Frame (E0B Redirect Chain http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV&redirect=1	43 B 533 B	113ms 109ms	Image image/gif	34.204.246.70 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV&redirect=1 Requested by Host: blank URL: about:blank Protocol HTTP/1.1 Server 34.204.246.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-204-246-70.compute-1.amazonaws.com Software / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache, no-store Connection keep-alive P3P CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE" Content-Length 43 Content-Type image/gif; charset=ISO-8859-1 Redirect headers Location http://idsync.rlcdn.com/400066.gif?partner_uid=L6we9SCyH1OV&redirect=1 Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache, no-store Connection keep-alive Content-Type image/gif; charset=ISO-8859-1 Content-Length 0 P3P CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
GET S	200	adc_txt_EvenTextersHateTexters_300x600.jpg images.chitika.net/creatives/txt/ Frame (428	10 KB 10 KB	30ms 6ms	Image image/jpeg	151.139.245.6 netDNA
General Check archive.org Show headers Download Go to Show image Full URL https://images.chitika.net/creatives/txt/adc_txt_EvenTextersHateTexters_300x600.jpg Requested by Host: blank URL: about:blank Protocol SPDY Server 151.139.245.6 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US), Reverse DNS Software nginx / Resource Hash 12ac98a07a53d17d35f20bc296d95015068f9e6bb21376dce80dd0c612835e47 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:21 GMT last-modified Mon, 06 Mar 2017 17:48:49 GMT server nginx x-amz-request-id 0CC72D3B0CDEF0BD etag "37286a2bcba478156cc2bc1b8d05f7b7" x-cache HIT content-type image/jpeg status 200 cache-control max-age=604800 accept-ranges bytes content-length 9861 x-amz-id-2 xtBpWkR9M65sI7P/ubgNrns9g+LNNZ/kmoETOPppOsFqMEM+CnNgoObBnXf9e00qjq6KdJw4ZRo= expires Fri, 09 Mar 2018 16:06:21 GMT
GET H/1.1	200 OK	shareaholic-icons.woff dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/fonts/	19 KB 19 KB	7ms 7ms	Font application/font-woff	216.137.61.177 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://dsms0mj1bbhn4.cloudfront.net/v2/8f37c900c0c9f23b72d23e4e13d948c9d1ee4921/fonts/shareaholic-icons.woff Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 216.137.61.177 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-216-137-61-177.fra2.r.cloudfront.net Software nginx / Resource Hash 2c9fbe1f35f01d54e6c8c55b2ac99b5040aa925d025e8d389498a806d3114afc Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk Response headers Date Tue, 27 Feb 2018 01:06:07 GMT Content-Encoding gzip Age 313214 X-Cache Hit from cloudfront X-Hello-Human Join the fun! Apply at www.shareaholic.com/jobs Content-Length 19061 Access-Control-Allow-Origin * Last-Modified Tue, 27 Feb 2018 01:05:29 GMT Server nginx Cache-Control max-age=31536000, public ETag "f03f5fb27f9e13a0c0f1017c9562e9dd" Content-Type application/font-woff Via 1.1 e72ed739d85b0c5633dfd1f214a1adca.cloudfront.net (CloudFront) Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Id UGs6MUKh6SKkZEArsMY3_3GGo6kWEgR78yEHG2480Kx97t5Occgzfg==
GET S	200	UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2 fonts.gstatic.com/s/shadowsintolight/v7/	16 KB 16 KB	8ms 7ms	Font font/woff2	172.217.18.163 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/shadowsintolight/v7/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD55TecYQ.woff2 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Protocol SPDY Server 172.217.18.163 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f3.1e100.net Software sffe / Resource Hash dc58d181a1ca8799768209864f5fa4a449a0234cb7f3aaab4e031c7c23e33457 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Shadows+Into+Light Origin http://news.goshare.tk Response headers date Mon, 12 Feb 2018 19:34:51 GMT x-content-type-options nosniff last-modified Tue, 10 Oct 2017 23:10:53 GMT server sffe age 1542690 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 15892 x-xss-protection 1; mode=block expires Tue, 12 Feb 2019 19:34:51 GMT
GET H/1.1	200 OK	/ Show response graph.facebook.com/ Frame (A03	272 B 793 B	83ms 76ms	Script application/json	185.60.216.15 Facebook
General Check archive.org Show headers Download Go to Full URL http://graph.facebook.com/?id=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780707&_=1520006780708 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Protocol HTTP/1.1 Server 185.60.216.15 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 545fb7a6e541a824219c5ad0315ef5dd0658f4f0a83a9c4544fb80817bc6d7b2 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache X-FB-Debug YSzW+d/AECSCWwF8KZsrGZTCJJV8eXiPB3AuZ4Ef2R5pxnv2IMILJ7hi3m8U+DOl2DKVgdVM1S5jVq+8/xuF1A== Content-Encoding gzip x-fb-trace-id ADmsNv/pyNp ETag "f79382a89d874b46a492192393c2d9bd74c2d6de" Vary Accept-Encoding Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control private, no-cache, no-store, must-revalidate Date Fri, 02 Mar 2018 16:06:21 GMT x-fb-rev 3689654 Connection keep-alive Content-Length 220 facebook-api-version v2.5 Expires Sat, 01 Jan 2000 00:00:00 GMT
OPTIONS S	200	rpc Show response clients6.google.com/ Frame (A03	0 462 B	50ms 18ms	XHR text/plain	172.217.18.174 Google LLC
General Check archive.org Show headers Download Go to Full URL https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.15.0/raven.min.js Protocol SPDY Server 172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f14.1e100.net Software GSE / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Access-Control-Request-Method POST Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Access-Control-Request-Headers content-type Response headers date Fri, 02 Mar 2018 16:06:21 GMT x-content-type-options nosniff status 200 access-control-max-age 3600 alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 0 x-xss-protection 1; mode=block server GSE x-frame-options SAMEORIGIN access-control-allow-methods DELETE,GET,HEAD,PATCH,POST,PUT content-type text/plain; charset=UTF-8 access-control-allow-origin http://news.goshare.tk vary Origin, X-Origin cache-control private, max-age=0 access-control-allow-credentials true access-control-allow-headers content-type expires Fri, 02 Mar 2018 16:06:21 GMT
GET H/1.1	200 OK	count.json Show response api.pinterest.com/v1/urls/ Frame (A03 Redirect Chain http://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F... https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2...	202 B 535 B	143ms 106ms	Script application/javascript	151.101.112.84 Fastly
General Check archive.org Show headers Download Go to Full URL https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780709&_=1520006780710 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 151.101.112.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 9b6f11bdd9c0aeac9437f75ba0c7c01ebab5cd93ecffd36b6598f8f04c95e80b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT X-Content-Type-Options nosniff Age 0 Content-Type application/javascript Access-Control-Allow-Origin * Pinterest-Generated-By Cache-Control private Connection keep-alive Content-Length 202 X-Pinterest-RID 962124685699 Expires Fri, 02 Mar 2018 16:21:22 GMT Redirect headers Location https://api.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780709&_=1520006780710 Non-Authoritative-Reason HSTS
GET S	200	share Show response www.linkedin.com/countserv/count/ Frame (A03	236 B 1 KB	225ms 130ms	Script text/javascript	185.63.145.1 LinkedIn Corporation
General Check archive.org Show headers Download Go to Full URL https://www.linkedin.com/countserv/count/share?url=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&callback=jQuery213023723476811602096_1520006780711&_=1520006780712 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Protocol SPDY Server 185.63.145.1 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash 9ff1970e2e79a1fe70e8007b63e324b81f7b8c465be07c039534c7a780856341 Security Headers Name Value Content-Security-Policy default-src *; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src static.licdn.com www.youtube.com; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; connect-src * lnkd-communities: voyager:; report-uri https://www.linkedin.com/lite/contentsecurity?f=l Strict-Transport-Security max-age=2592000 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:21 GMT content-encoding gzip x-content-type-options nosniff status 200 strict-transport-security max-age=2592000 vary Accept-Encoding x-li-uuid o7vDDRImGBUAkw3a8CoAAA== server Apache-Coyote/1.1 pragma no-cache x-li-pop prod-efr5 x-frame-options sameorigin content-type text/javascript;charset=UTF-8 x-xss-protection 1; mode=block cache-control no-cache, no-store content-security-policy default-src *; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src static.licdn.com www.youtube.com; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; connect-src * lnkd-communities: voyager:; report-uri https://www.linkedin.com/lite/contentsecurity?f=l x-li-proto http/2 x-li-fabric prod-lva1 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	sholic.js Show response px.owneriq.net/stas/s/	12 KB 4 KB	27ms 8ms	Script application/x-javascript	104.111.243.55 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://px.owneriq.net/stas/s/sholic.js Requested by Host: partner.shareaholic.com URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Protocol HTTP/1.1 Server 104.111.243.55 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-243-55.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash d71650de5de6e2280a143aa40d57aaabf22f8489190e63ba4d3b8acd2c6a7496 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip Last-Modified Tue, 28 Mar 2017 01:23:14 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type application/x-javascript Connection keep-alive Content-Length 3466 Expires Sat, 03 Mar 2018 09:17:35 GMT
GET H/1.1	200 OK	YNMJrK4lsMAJlxSsJDb17LW8YmmHRLakZxkWagp6 Show response n-cdn.areyouahuman.com/play/	114 KB 38 KB	26ms 7ms	Script text/javascript	52.85.184.75 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://n-cdn.areyouahuman.com/play/YNMJrK4lsMAJlxSsJDb17LW8YmmHRLakZxkWagp6?AYAH_F2=news.goshare.tk&AYAH_P2=b05e7fde-ac08-403f-8641-8463a2b06f53&AYAH_F1=Lotame Requested by Host: partner.shareaholic.com URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Protocol HTTP/1.1 Server 52.85.184.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-52-85-184-75.fra2.r.cloudfront.net Software / Express Resource Hash e876ae33eb6218bdb3a9916bec66812bce3a5f421be052e5eaa7bb98fd037694 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:05:13 GMT Content-Encoding gzip Age 68 X-Powered-By Express Vary Accept-Encoding X-Cache Hit from cloudfront P3P CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM" Via 1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront) Cache-Control public, max-age=600 Transfer-Encoding chunked Connection keep-alive Content-Type text/javascript X-Amz-Cf-Id wGVAsTzmFJ5dgV3u7hB3gAW7mGeYDmssko9gHrTvari_mQiw2bVHnw==
GET H/1.1	200 OK	beacon.js Show response b.scorecardresearch.com/	1 KB 1 KB	12ms 7ms	Script application/x-javascript	2.16.186.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://b.scorecardresearch.com/beacon.js Requested by Host: partner.shareaholic.com URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Protocol HTTP/1.1 Server 2.16.186.16 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-16.deploy.akamaitechnologies.com Software / Resource Hash d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=1209600 Connection keep-alive Content-Length 901 Expires Fri, 16 Mar 2018 16:06:21 GMT
GET S	200	afsh.js Show response cdn.tynt.com/	9 KB 4 KB	54ms 12ms	Script application/javascript	104.16.88.26 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/afsh.js Requested by Host: partner.shareaholic.com URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Protocol SPDY Server 104.16.88.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 074ffd980e9f1dd87b5bf91e5c860ddb9c8d2cbb5acd88c27ab574435126f494 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 02 Mar 2018 16:06:22 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 23 Jan 2018 16:30:28 GMT server cloudflare etag W/"5a676324-2300" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=259200 cf-ray 3f551c338b3c63d3-FRA expires Mon, 05 Mar 2018 16:06:22 GMT
GET H/1.1	200 OK	ados.js Show response static.adzerk.net/	32 KB 8 KB	24ms 13ms	Script application/x-javascript	104.17.27.15 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://static.adzerk.net/ados.js Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.17.27.15 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 9a6356b85531f9e2b096721fce322874aa66fc9cf750f8c2ec86e65aab241a97 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:21 GMT Content-Encoding gzip CF-Cache-Status HIT x-amz-request-id 805E34EFBF3D7433 CF-RAY 3f551c33702226fc-FRA Connection keep-alive Content-Length 7800 x-amz-id-2 LL/8Plu7lw5VpZ0PL966uCKumFqHZB6q9ul+V+UG/BOOe7Im2i94Nr3FHOo6sYH5ebb+TPZy82U= Last-Modified Wed, 01 Nov 2017 20:31:39 GMT Server cloudflare ETag "54d1b5760cca6b6c640f0704c69e8281" Vary Accept-Encoding x-amz-version-id 9GqhtIWblaDDsZNJhvQxXvYx_5i3GH9o Cache-Control public, max-age=604800 Accept-Ranges bytes Content-Type application/x-javascript Expires Fri, 09 Mar 2018 16:06:21 GMT
POST H/1.1	200 OK	ping Show response api.viglink.com/api/	248 B 823 B	82ms 44ms	XHR text/javascript	52.48.254.224 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://api.viglink.com/api/ping Requested by Host: clickcdn.shareaholic.com URL: http://clickcdn.shareaholic.com/api/vglnk.js Protocol HTTP/1.1 Server 52.48.254.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-48-254-224.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash 47bab7ee1229098313bac3738a90ad5bef4da33b65d84682cf92104834d924ff Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:21 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin http://news.goshare.tk Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 248 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	bk-coretag.js Show response tags.bkrtx.com/js/	38 KB 13 KB	22ms 8ms	Script application/javascript	104.111.243.128 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://tags.bkrtx.com/js/bk-coretag.js Requested by Host: partner.shareaholic.com URL: https://partner.shareaholic.com/partners.js?location=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&canonical=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&site=e082f27f36e11730a61b863f4e030c39&id_sync=b05e7fde-ac08-403f-8641-8463a2b06f53 Protocol HTTP/1.1 Server 104.111.243.128 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-243-128.deploy.static.akamaitechnologies.com Software / Resource Hash f6de9ced41ed54dbfc4f51abfeb65d843bd8dd33a45cbb773ecf5f92d065dd52 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT Content-Encoding gzip Last-Modified Thu, 25 May 2017 21:04:06 GMT ETag "991c-5505f8fb7697f-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=604800 Connection keep-alive Accept-Ranges bytes Content-Length 13297 Expires Fri, 09 Mar 2018 16:06:22 GMT
POST S	200	rpc Show response clients6.google.com/ Frame (A03	468 B 591 B	31ms 28ms	XHR application/json	172.217.18.174 Google LLC
General Check archive.org Show headers Download Go to Full URL https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol SPDY Server 172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s29-in-f14.1e100.net Software GSE / Resource Hash b08efbfdee0fd5ec33a116d153265ae2636bca91ecee0800920c1b7aadedc317 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/json Response headers date Fri, 02 Mar 2018 16:06:22 GMT content-encoding gzip x-content-type-options nosniff status 200 alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 251 x-xss-protection 1; mode=block pragma no-cache server GSE x-frame-options SAMEORIGIN etag "7xOJMczQaoyf-s1SIKuKXuRa2AU/Xbl3w23h1bfL-9c97PAfZgOvZrE" vary Origin, X-Origin content-type application/json; charset=UTF-8 access-control-allow-origin http://news.goshare.tk access-control-expose-headers Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,ETag,Expires,Pragma,Server,Vary,X-Google-GFE-Backend-Request-Cost cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tpid=b05e7fde-ac08-403f-8641-8463a2b06f53 bcp.crwdcntrl.net/map/c=9193/tp=SHLC/	49 B 304 B	31ms 30ms	Image image/gif	34.248.254.218 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://bcp.crwdcntrl.net/map/c=9193/tp=SHLC/tpid=b05e7fde-ac08-403f-8641-8463a2b06f53 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 34.248.254.218 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-34-248-254-218.eu-west-1.compute.amazonaws.com Software / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:22 GMT P3P CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV Cache-Control no-cache X-Server 10.26.12.144 Connection keep-alive Content-Type image/gif Content-Length 49 Expires 0
GET H/1.1	204 No Content	b b.scorecardresearch.com/	0 248 B	9ms 6ms	Image text/plain	2.16.186.16 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://b.scorecardresearch.com/b?c1=7&c2=19376307&c3=1&ns__t=1520006782078&ns_c=UTF-8&cv=3.1&c8=17-Year-Old%20MS%20Office%20flaw%20CVE-2017-11882%20could%20be%20exploited%20to%20remotely%20install%20malware%20without%20victim%20interaction%20-%20News%20N%20Share&c7=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F&c9= Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 2.16.186.16 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-16.deploy.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:22 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response px.owneriq.net/j/	866 B 846 B	13ms 9ms	Script application/x-javascript	104.111.243.55 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://px.owneriq.net/j/?pt=sholic&t=m%7C%22Microsoft%22,d%7C%22Government%2520Services%22&s=inte Requested by Host: px.owneriq.net URL: http://px.owneriq.net/stas/s/sholic.js Protocol HTTP/1.1 Server 104.111.243.55 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-243-55.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 6a2f89348a93e13d48c5e7fae6369112f2a071cf32a2b4866e33c016c6fb9865 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT Content-Encoding gzip Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Connection keep-alive Content-Type application/x-javascript Content-Length 495
GET H/1.1	200 OK	ados Show response engine.adzerk.net/	0 684 B	484ms 359ms	Script application/javascript	54.243.149.87 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://engine.adzerk.net/ados?t=1520006782096&request={%22Placements%22:[{%22A%22:9604,%22S%22:879039,%22D%22:%22azkoutstreamvideoad%22,%22AT%22:163,%22Z%22:[163581]}],%22Keywords%22:%22undefined%22,%22Referrer%22:%22%22,%22IsAsync%22:true} Requested by Host: static.adzerk.net URL: http://static.adzerk.net/ados.js Protocol HTTP/1.1 Server 54.243.149.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-243-149-87.compute-1.amazonaws.com Software nginx/1.12.1 / adzerk bifrost/ Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:22 GMT ETag W/"0-1B2M2Y8AsgTpgAmY7PhCfg" Server nginx/1.12.1 x-powered-by adzerk bifrost/ Access-Control-Allow-Methods GET, PUT, POST, DELETE, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Origin, Content-Type, Content-Length Content-Length 0 x-served-by engine-i-0d4b77d16cea3bb95
GET H/1.1	200 OK	ados Show response engine.adzerk.net/	0 684 B	239ms 117ms	Script application/javascript	54.243.149.87 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://engine.adzerk.net/ados?t=1520006782116&request={%22Placements%22:[{%22A%22:9604,%22S%22:879039,%22D%22:%22azkinimagead%22,%22AT%22:163,%22Z%22:[164216]}],%22Keywords%22:%22undefined%22,%22Referrer%22:%22%22,%22IsAsync%22:true} Requested by Host: static.adzerk.net URL: http://static.adzerk.net/ados.js Protocol HTTP/1.1 Server 54.243.149.87 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-243-149-87.compute-1.amazonaws.com Software nginx/1.12.1 / adzerk bifrost/ Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:22 GMT ETag W/"0-1B2M2Y8AsgTpgAmY7PhCfg" Server nginx/1.12.1 x-powered-by adzerk bifrost/ Access-Control-Allow-Methods GET, PUT, POST, DELETE, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin undefined Expires 0 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Origin, Content-Type, Content-Length Content-Length 0 x-served-by engine-i-0c7f4de3fd4e98485
GET H/1.1	200 OK	p ic.tynt.com/b/	35 B 626 B	222ms 110ms	Image image/gif	208.100.17.183 Steadfast
General Check archive.org Show headers Download Go to Show image Full URL http://ic.tynt.com/b/p?id=sh!sh&lm=0&ts=1520006782137&dn=AFSH&iso=0&img=http%3A%2F%2Fnews.goshare.tk%2Fwp-content%2Fuploads%2F2017%2F05%2F3b98efa19185dd7365b10cdca361547e.jpg&t=17-Year-Old%20MS%20Office%20flaw%20CVE-2017-11882%20could%20be%20exploited%20to%20remotely%20install%20malware%20without%20victim%20interaction%20-%20News%20N%20Share&cu=http%3A%2F%2Fnews.goshare.tk%2F17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction%2F Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 208.100.17.183 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip183.208-100-17.static.steadfastdns.net Software nginx/1.10.3 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT Last-Modified Fri, 16 Apr 2010 15:38:20 GMT Server nginx/1.10.3 ETag "4bc8846c-23" P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" Connection close Accept-Ranges bytes Content-Type image/gif Content-Length 35 Expires "Sat, 26 Jul 1997 05:00:00 GMT"
POST H/1.1	204 No Content	events Show response n-cdn-origin.areyouahuman.com/	0 420 B	2754ms 141ms	XHR text/plain	52.7.87.123 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://n-cdn-origin.areyouahuman.com/events?cb=1520006782178:3786399&ak=b49ed50d730737ed6207146832de33c04 Requested by Host: n-cdn.areyouahuman.com URL: http://n-cdn.areyouahuman.com/play/YNMJrK4lsMAJlxSsJDb17LW8YmmHRLakZxkWagp6?AYAH_F2=news.goshare.tk&AYAH_P2=b05e7fde-ac08-403f-8641-8463a2b06f53&AYAH_F1=Lotame Protocol HTTP/1.1 Server 52.7.87.123 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-52-7-87-123.compute-1.amazonaws.com Software / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin http://news.goshare.tk Date Fri, 02 Mar 2018 16:06:24 GMT Access-Control-Allow-Credentials true Connection keep-alive X-Powered-By Express Vary Origin P3P CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
GET H/1.1	200 OK	ep px.owneriq.net/	0 317 B	7ms 7ms	Image text/html	104.111.243.55 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL http://px.owneriq.net/ep?sid%5B%5D=3906811573&sid%5B%5D=4912014379&sid%5B%5D=3585802694&sid%5B%5D=3588953253&pt=sholic&uid=Q5732931821187865504J&jcs=1 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 104.111.243.55 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-243-55.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control max-age=22251 Connection keep-alive Content-Type text/html Content-Length 0
POST H/1.1	200 OK	domains Show response api.viglink.com/api/	56 B 502 B	33ms 32ms	XHR text/javascript	52.48.254.224 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://api.viglink.com/api/domains Requested by Host: clickcdn.shareaholic.com URL: http://clickcdn.shareaholic.com/api/vglnk.js Protocol HTTP/1.1 Server 52.48.254.224 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-48-254-224.eu-west-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash dfb4e3fe8e8fccf0d05812240fb75aec46824ae1f0b757182fa08f4ff6d363b0 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Origin http://news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:21 GMT Server Apache-Coyote/1.1 P3P CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI" Access-Control-Allow-Origin http://news.goshare.tk Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript;charset=UTF-8 Content-Length 56 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200	v2 Show response de.tynt.com/deb/	709 B 1 KB	326ms 218ms	Script application/javascript	208.100.17.187 Steadfast
General Check archive.org Show headers Download Go to Full URL http://de.tynt.com/deb/v2?id=sh!sh&dn=AFSH&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afsh.js Protocol HTTP/1.1 Server 208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS ip187.208-100-17.static.steadfastdns.net Software / Resource Hash b3384b16dc687e1fef70a32a31228aced4e86d60f0b9c29a899dd6fc7c0a280d Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:22 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false Content-Type application/javascript Connection close P3P CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA Content-Length 709 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	ca.png s.cpx.to/ Redirect Chain http://ib.adnxs.com/getuid?http%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3D%26pid%3D11254%26adnxs_uid%3D%24UID http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=379713204515381955	95 B 499 B	61ms 30ms	Image image/png	52.50.56.65 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=379713204515381955 Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 52.50.56.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-50-56-65.eu-west-1.compute.amazonaws.com Software akka-http/2.4.17 / Resource Hash bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:22 GMT Server akka-http/2.4.17 P3P CP="NOI DEV ADM" Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Type image/png Content-Length 95 Expires Fri, 02 Mar 2018 16:06:22 GMT Redirect headers Pragma no-cache Date Fri, 02 Mar 2018 16:06:24 GMT X-Proxy-Origin 148.251.45.254; 148.251.45.254; 244.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.8:80 AN-X-Request-Uuid de75d954-99da-4edd-a8b6-628a26e71e3f Server nginx/1.13.4 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=379713204515381955 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	405716.gif idsync.rlcdn.com/	43 B 533 B	110ms 109ms	Image image/gif	34.204.246.70 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://idsync.rlcdn.com/405716.gif?partner_uid=CmUMK1qZdn4DRwSXBY5RAg%3D%3D Requested by Host: news.goshare.tk URL: http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ Protocol HTTP/1.1 Server 34.204.246.70 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-204-246-70.compute-1.amazonaws.com Software / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers Referer http://news.goshare.tk/17-year-old-ms-office-flaw-cve-2017-11882-could-be-exploited-to-remotely-install-malware-without-victim-interaction/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-Control no-cache, no-store Connection keep-alive P3P CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE" Content-Length 43 Content-Type image/gif; charset=ISO-8859-1
GET H/1.1	200 OK	close.png news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/	1 KB 2 KB	606ms 605ms	Image image/png	104.27.146.160 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/close.png Requested by Host: news.goshare.tk URL: http://news.goshare.tk/wp-includes/js/jquery/jquery.js?ver=1.12.4 Protocol HTTP/1.1 Server 104.27.146.160 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c39eed10adea9e22dce8b7ad09ed85c3ba7c4149b3906d7f3479ccda1fdf7833 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host news.goshare.tk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/featherlight.css?ver=4.9.2 Cookie __cfduid=dc1b84554f1457c90ec5be3f185ec48791520006773; PHPSESSID=lkne0clo8ao311ktceinvqaer4; 2b39a1748c9f74e81822ac16a2d28fe5=4e18b2e5ce69a1c8530e9735fb08c1e8; ckon1803=sject1803_3a1fab76799a5; SJECT1803=CKON1803; splash_i=false; _ga=GA1.2.96894775.1520006780; _gid=GA1.2.1483968876.1520006780; _gat=1; _ga=GA1.3.96894775.1520006780; _gid=GA1.3.1483968876.1520006780; cookie_consent=seen Connection keep-alive Cache-Control no-cache Referer http://news.goshare.tk/wp-content/plugins/facebook-page-promoter-lightbox/includes/featherlight/featherlight.css?ver=4.9.2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 02 Mar 2018 16:06:23 GMT CF-Cache-Status REVALIDATED Last-Modified Sat, 30 Sep 2017 20:20:36 GMT Server cloudflare ETag "5ed-55a6ddfc94d00" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 3f551c39b59d2774-FRA Content-Length 1517 Expires Fri, 02 Mar 2018 20:06:23 GMT